Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How do I route internally based on the domain being accessed?

Posted on 2008-11-07
2
Medium Priority
?
168 Views
Last Modified: 2012-05-05
Say I have two subdomains, a.domain.com, and b.domain.com. I want my 831 to examine the header, sort-of like apache's virtualhosts do, and based on the IP, send the request to one of my servers.

So - say I have a server on 10.10.10.1, and one on 10.10.10.2. I want anything accessed by a.domain.com to go to 10.10.10.1, and anything from b.domain.com to go to 10.10.10.2.

I only have ONE external IP. I think this is possible, but not sure how to do it, or even what to look up.
0
Comment
Question by:kb3llm
2 Comments
 
LVL 23

Accepted Solution

by:
Mysidia earned 500 total points
ID: 22911140
That you have only 1 external ip is a problem.  And there are ways to handle it,  but I am not aware of a Cisco 831 being capable of this.

What you have is commonly treated as a load balancing / content switching problem, not a routing problem  (you want to direct requests to the same IP to different dedicated servers based on domain requested).    A common way of doing this is to setup a load balancer appliance;  the load balancer can be configured to forward different domains to different dedicated servers.

A reverse proxy, for example squid, apache, pound on a dedicated Linux server, or say a  Cisco Content Engine appliance,  etc   can also forward the request to the desired frontend webserver based on domain name.





Routers choose the destination based on the IP address in the headers.

Or with policy routing: based on the source address and other criteria like port numbers.

However, when a HTTP request is made, the  DOMAIN NAME is not in the packets at layer 3,  it is only sent inside the actual HTTP request stream.

Your router (and even the destination server)  cannot know the domain name, or tell whether the user entered http://a.com  or entered http://(ip addresss)  into their browser,  without a thorough examination of Application layer data.

Layer 7 inspection of all traffic is expensive, in that the equipment requires special support for it, and a fair amount of CPU power.  The Cisco 831 has fairly little CPU power and doesn't do deep packet inspections.


Something other than a Cisco 831 is really required in order to switch based on domain name in the HTTP request.

Something routing a request based on destination domain needs to examine the request down to the application layer,  before a decision can be made based on domain name.

0
 

Author Closing Comment

by:kb3llm
ID: 31514610
Thanks for the informative reply. It makes sense, though it's unfortunate. Oh well - thanks again.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question