Stroller <stroller <at> stellar.eclipse.co.uk> writes:

> > I have one static IP
> > ... Could someone post
> > some simple iptable examples of how to route 2 different
> > web server traffic streams to 2 different machines?

> > Both are inside the same DMZ....2 different machines
> > with different (NAT) IP addresses.

> Can't be done.

Ok, that explains why I drew a blank on how to proceed.

> There is no way for IPtables to distinguish between an http request to  
> bigbreastedmommas.com at 24.73.161.102 and an http request to  
> bouncyboobs.com at 24.73.161.102, assuming both are on port 80.


So the best I can do is forward all traffic (80, 443, etc.) for the
group of websites to a proxy behind the firewall, then use software
such as what kashani suggested (proxypass, Squid, nginx,
lighttpd, or Varnish) and parse the traffic with some form of
vhosts implementation on a single server (NATed IP)?

I definitely do not want to run anything additional on the firewall,
unless it is absolutely secure and then it would have to have a
light loading of firewall resources.

Then if the load of the combined virtual hostings becomes too large,
I use a group (cluster) of servers and implement some sort of load
balancing across the machines that each contain complete copies of each website?

Then there is the question of how to keep the individual machines
'in sync' and the limitation that once a machine is saturated (performance
suffers too much due to insufficient resources) there
is no solution for expansion?

One last thing. I can get a small subnet of say 5 IP addresses from my
ISP for an additional 20/month. Would that help me? I want to put up
dozens of small charitable web sites. None will have a huge user base,
but I was going to stream some limited video from each of them.


Any other architectural solutions here? (Outside hosting is not an option.)
My ISP is very cool, and will even let me run my own primary and secondary
name service, if that helps redirect the traffic?


Ideas?



James
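
The point made in the thread, as an added example that is not part of the original post: two requests to one public IP and port are identical to a port-forwarding rule, and only the Host header read by a proxy behind the firewall tells them apart. The hostnames, the public address 203.0.113.10 and the backend addresses are constructed placeholders, and the function names are hypothetical.

```python
# Added illustration (not from the thread). Hostnames, the public address and
# the backend addresses are constructed placeholders.
PUBLIC_IP = "203.0.113.10"
BACKENDS = {
    "site-a.example": ("192.168.1.10", 80),
    "site-b.example": ("192.168.1.11", 80),
}

def http_req(host):
    """Build a minimal constructed HTTP/1.1 request for the given Host value."""
    return ("GET / HTTP/1.1\r\nHost: %s\r\n\r\n" % host).encode("latin-1")

# Two constructed connections arriving at the same public IP and port.
CONN_A = {"dst_ip": PUBLIC_IP, "dst_port": 80, "payload": http_req("site-a.example")}
CONN_B = {"dst_ip": PUBLIC_IP, "dst_port": 80, "payload": http_req("SITE-B.example:80")}

def l4_key(conn):
    """Fields a port-forwarding (DNAT) rule matches on; the payload is not among them."""
    return ("tcp", conn["dst_ip"], conn["dst_port"])

def host_of(raw):
    """Return the normalized Host header of a raw HTTP/1.1 request, or None."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    hosts = [line.split(":", 1)[1].strip()
             for line in head.split("\r\n")[1:]
             if line.lower().startswith("host:")]
    if len(hosts) != 1:                    # missing or duplicated Host: refuse to guess
        return None
    name = hosts[0].partition(":")[0]      # drop an optional :port
    return name.lower().rstrip(".") or None

def route(conn):
    """Layer-7 decision a reverse proxy makes: backend for this Host, or None.

    None means "answer with an error"; unknown names are never sent to a
    default site, so one site is not served under another site's name.
    """
    return BACKENDS.get(host_of(conn["payload"]))

if __name__ == "__main__":
    for c in (CONN_A, CONN_B):
        print(l4_key(c), "->", route(c))
```

On port 443 the Host header is inside the encrypted stream, so the proxy has to terminate TLS itself or route on the SNI name in the ClientHello.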







