From owner-freebsd-isp Sun Dec 9 21:59: 5 2001 Delivered-To: freebsd-isp@freebsd.org Received: from inet03.citec.qld.gov.au (inet03.citec.qld.gov.au [203.5.10.10]) by hub.freebsd.org (Postfix) with ESMTP id 394D737B416 for ; Sun, 9 Dec 2001 21:58:58 -0800 (PST) Received: by inet03.citec.qld.gov.au; id PAA14240; Mon, 10 Dec 2001 15:58:55 +1000 (EST) Received: from citecub.citec.qld.gov.au( 131.242.4.98) by inet03.citec.qld.gov.au via smap (V2.0) id xma014027; Mon, 10 Dec 01 15:58:48 +1000 Received: from guru.citec.qld.gov.au by citecub.citec.qld.gov.au (SMI-8.6/SMI-SVR4) id PAA12426; Mon, 10 Dec 2001 15:58:46 +1000 Received: from localhost (sgcccdc@localhost) by guru.citec.qld.gov.au (8.9.3/8.9.3) with ESMTP id PAA95274; Mon, 10 Dec 2001 15:58:41 +1000 (EST) (envelope-from sgcccdc@citec.qld.gov.au) X-Authentication-Warning: guru.citec.qld.gov.au: sgcccdc owned process doing -bs Date: Mon, 10 Dec 2001 15:58:41 +1000 (EST) From: Colin Campbell To: Dustin Puryear Cc: , Subject: RE: Re[4]: Using DNAT and DNS round-robin In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I haven't really been following this so feel free to ignore me, but I suspect what's being proposed is the following: Let's say you have the following web servers Virtual ------- www.v1.com www.v2.com www.v3.com Real ---- www.r1.com www.r2.com www.r3.com and 2 web hosts and you are on net 192.168.1.0 Host 1 should be configured with 4 IP addresses: 192.168.1.1-4 Host 2 would be configured with 4 IP addresses: 192.168.1.5-8 Your web servers would be set up with the virtual servers on each host using one address and assigning a separate address for each "real" server. The DNS setup will make this obvious (I hope). DNS should be set up as follows: www.v1.com = 192.168.1.1, 192.168.1.5 www.v2.com = 192.168.1.1, 192.168.1.5 www.v3.com = 192.168.1.1, 192.168.1.5 www.r1.com = 192.168.1.2, 192.168.1.6 www.r2.com = 192.168.1.3, 192.168.1.7 www.r3.com = 192.168.1.4, 192.168.1.8 DNS round-robin will help "spread the load". Note that most browsers ignore any TTL settings and tend to "permanently" cache a successful name lookup. Hope this helps. On Sun, 9 Dec 2001, Dustin Puryear wrote: > > > Why not just have the firewall act as classic router like all other > > > people out there do it? > > Gabriel, after rereading your message I am now definately curious how you go > about this when using multiple webservers for both IP- and name-based > virtual hosting. Okay, so I setup my firewall to route any packets destined > for network xyz to my internal web servers. These web servers may be using > IP- or name-based virtual hosting. Now how do I configure the interfaces on > the internal web servers? > > Since each web server needs to be able to serve any of the websites, how do > I handle each web server needing to have an IP alias for one of our IP-based > virtual host? I think that is what is confusing me. If it was just > named-based virtual hosting there wouldn't be an issue in my mind. Colin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message