Ihavenousername
asked on
Web Servers From Internal IP Address's
Ok so here is the setup first. We currently have around 30 websites which we host at our facility. All of these sites are assigned a public IP address. We have 2 DNS servers with public ip address's which we use as nameservers for the websites. We also have an internal DNS server with a private IP address. The public DNS servers are actually in the DMZ of our Sonicwall 4100 Pro Firewall as are the web servers. We are about to change service providers and i would like cut down the number of public IP address's that we have to purchase. There are other reasons beside the cost which i will not go into here. It seems to me that it would be possible to set up these sites to use private IP address's using our name servers I am not exactly sure how to accomplish this however. I have tried adding a webserver to the DNS of one of the nameservers and could access the site internally just by the domain name (ie mydomain.com) i could not however access from outside the private network nor could i access using the www in fornt of the domain name. I did set up a c record in the DNS server. If someone could help out on this i would really appreciate it. I think there is going to have to be some work done in the Sonicwall as well but I am not quite sure exactly how to do this. I would assume it would be something with the NAT and the access list.
Last Comment
You don't say how many web servers you have, but if you have, for example, 5 web servers running 30 websites then you would only need 5 public IP addresses. I'll assume this isn't the case.
What may be possible (this is conjecture) is to have a single machine with a private interface (private IP address) and a public interface (and a single public IP address) which would be running software that performs some kind of blind proxying (I don't know if such a thing exists, but similar to a load-balancing proxy). This would service requests to port 80 and proxy the traffic to web sites on the inside of your network which were hosted on machines with private IP addresses via the private interface. The websites would be accessible by hostname and not IP address. The proxy would need to know how to map hostnames (for the websites) into private IP addresses, which it could do using an internal dns server.
It ought to be possible, but it probably wouldn't be the easiest thing to set-up...
What may be possible (this is conjecture) is to have a single machine with a private interface (private IP address) and a public interface (and a single public IP address) which would be running software that performs some kind of blind proxying (I don't know if such a thing exists, but similar to a load-balancing proxy). This would service requests to port 80 and proxy the traffic to web sites on the inside of your network which were hosted on machines with private IP addresses via the private interface. The websites would be accessible by hostname and not IP address. The proxy would need to know how to map hostnames (for the websites) into private IP addresses, which it could do using an internal dns server.
It ought to be possible, but it probably wouldn't be the easiest thing to set-up...
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
i appreciate the input. I am indeed using around 6 servers to run the 30 websites we are not using IIS however we are using apache. These are currently setup in the same manner as described in the article. I would be happy just to be able to reduce the number of public IP's. I would like get them under 13. I believe you have at the very least given me a direction to look at. Any idea about the sonicwall? What kind of configuration might be needed? Also would you know how to set up the config for apache? This setup was left to me and i am not quite certain as to the ins and outs of it.
You shouldn't have to do much with the sonicwall. So you have 6 servers but 13 IPs? The servers using multiple IPs each I assume. How many ips are you trying to reduce it down to? You'll need 1 external IP for each web server at the minimum.
ASKER
i may have not made myself plain i currently have 40 public ip adress's. I want ot knock that down to 13.
I believe though that dacselat has come up with the answer. I tried this and it appears to work. I think i may need to work on the dns a bit as it will only resolve to myhost.com and not www.myhost.com. it is an FQDN and should resolve to www.myhost.com. But i think i can figure that part out. If not i know where to ask the question. Thank you to all of you and especially to dacselat.
I believe though that dacselat has come up with the answer. I tried this and it appears to work. I think i may need to work on the dns a bit as it will only resolve to myhost.com and not www.myhost.com. it is an FQDN and should resolve to www.myhost.com. But i think i can figure that part out. If not i know where to ask the question. Thank you to all of you and especially to dacselat.
Web Servers
A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.
33K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
http://support.microsoft.com/kb/308163