Solved

Linux 1 NIC 2 IPs on different networks, want to bind one apache instance only to second IP.

Posted on 2010-09-03
9
515 Views
Last Modified: 2012-05-10
Hi,

I have a Linux box with only a NIC, I have been assigned 2 ip address on different networks, and of course different default GWs, currently I have activated only one of them (IP-A) in the usual way, and it works.

IP-A is let's say 10.0.0.20 with default gw: 10.0.0.1
IP-B is let's say 192.168.1.20 with default gw: 192.168.0.1

Apache is working let's name it Apache-A

I need to set a new apache server only for IP-B, that will have different config from that running for IP-A, so what I am going to do, is to bind Apache instance A, only to IP-A, and will execute another instance with another config file for IP-B and will bind it only for that IP..

What I want to achieve is that requests comming from net-A be handled with apache-A and requests comming from net-B to be handled by apache-B.

My current Linux initialization scripts gets the IP-A, from DHCP... so dhcp sets the default gw, to net's-A 10.0.0.1.

So, what can I do to initialize the NIC (after getting IP-A address via DHCP), with the network-B IP,
and make sure that apache instance-B does not send back requests comming from IP-B trough DefaultGW-A, (it has to use defaultGW-B)?

The first step is simple:

ifconfig eth:0 192.168.1.20 up

What follows?, "ip" command?, "route" command?, "iptables" ??.......

(IP based virtual hosts is not a solution)
0
Comment
Question by:egarciat
  • 4
  • 4
9 Comments
 
LVL 26

Expert Comment

by:arober11
Comment Utility
Simple, just have to separate Listen and two separate VirtualHost definitions in you httpd.conf e.g.

Listen 11.22.33.44:80
Listen 22.33.44.55:80


<VirtualHost 11.22.33.44:80>
...
</VirtualHost>


<VirtualHost 22.33.44.55:80>
...
</VirtualHost>

See: http://httpd.apache.org/docs/2.0/vhosts/ip-based.html
0
 
LVL 24

Expert Comment

by:rfc1180
Comment Utility
you can not have 2 active gateways by default; Using routers, you can setup policy routing.

If you follow this tutorial, you will find this is what you are trying to accomplish:

http://kindlund.wordpress.com/2007/11/19/configuring-multiple-default-routes-in-linux/

Billy
0
 
LVL 3

Author Comment

by:egarciat
Comment Utility
arober11:

Last line in question post states: (IP based virtual hosts is not a solution)

rfc1180:

almost, almost, however I have no access to the server kernel, neither allowed to recompile and use a new kernel, however I do have root access.

Do you know if there is a way to know if such options are already active in my current kernel?..

[*] TCP/IP networking
[*] IP: advanced router
[*] IP: policy routing
[*] IP: use netfilter MARK value as routing key

TCP/IP is of course present :)

(/proc/config.gz is NOT available :( , however proc exists and have some nodes there... )

0
 
LVL 24

Expert Comment

by:rfc1180
Comment Utility
>[*] IP: policy routing

>however I do have root access.

Looks like you are all set  policy routing is built in and not as a module, so you should be all set to go.

Billy
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 3

Author Comment

by:egarciat
Comment Utility
I'm sorry, I copied verbatim the options from the url you posted, I was trying to list the required options..

What I meant was:

How can I know if I have the following options enabled in my current kernel?:

- TCP/IP networking
- IP: advanced router
- IP: policy routing
- IP: use netfilter MARK value as routing key

0
 
LVL 24

Expert Comment

by:rfc1180
Comment Utility
0
 
LVL 3

Author Comment

by:egarciat
Comment Utility
Guess what?..

Config is available, (I searched days ago and it wasn't... :S )

Do you think, that my kernel is readay for that?..


root@host:/lib/modules# zcat /proc/config.gz | grep IP_

CONFIG_IP_MULTICAST=y

CONFIG_IP_ADVANCED_ROUTER=y

CONFIG_ASK_IP_FIB_HASH=y

# CONFIG_IP_FIB_TRIE is not set

CONFIG_IP_FIB_HASH=y

CONFIG_IP_MULTIPLE_TABLES=y

CONFIG_IP_ROUTE_FWMARK=y

CONFIG_IP_ROUTE_MULTIPATH=y

CONFIG_IP_ROUTE_MULTIPATH_CACHED=y

CONFIG_IP_ROUTE_MULTIPATH_RR=y

CONFIG_IP_ROUTE_MULTIPATH_RANDOM=y

CONFIG_IP_ROUTE_MULTIPATH_WRANDOM=y

CONFIG_IP_ROUTE_MULTIPATH_DRR=y

CONFIG_IP_ROUTE_VERBOSE=y

CONFIG_IP_PNP=y

CONFIG_IP_PNP_DHCP=y

CONFIG_IP_PNP_BOOTP=y

CONFIG_IP_PNP_RARP=y

CONFIG_IP_MROUTE=y

CONFIG_IP_PIMSM_V1=y

CONFIG_IP_PIMSM_V2=y

# CONFIG_IP_VS is not set

CONFIG_IP_NF_CONNTRACK=y

CONFIG_IP_NF_CT_ACCT=y

CONFIG_IP_NF_CONNTRACK_MARK=y

CONFIG_IP_NF_CONNTRACK_SECMARK=y

# CONFIG_IP_NF_CONNTRACK_EVENTS is not set

# CONFIG_IP_NF_CT_PROTO_SCTP is not set

CONFIG_IP_NF_FTP=y

CONFIG_IP_NF_IRC=y

# CONFIG_IP_NF_NETBIOS_NS is not set

CONFIG_IP_NF_TFTP=y

CONFIG_IP_NF_AMANDA=y

CONFIG_IP_NF_PPTP=y

# CONFIG_IP_NF_H323 is not set

# CONFIG_IP_NF_SIP is not set

CONFIG_IP_NF_QUEUE=y

CONFIG_IP_NF_IPTABLES=y

CONFIG_IP_NF_MATCH_IPRANGE=y

CONFIG_IP_NF_MATCH_TOS=y

CONFIG_IP_NF_MATCH_RECENT=y

CONFIG_IP_NF_MATCH_ECN=y

CONFIG_IP_NF_MATCH_DSCP=y

CONFIG_IP_NF_MATCH_AH=y

CONFIG_IP_NF_MATCH_TTL=y

CONFIG_IP_NF_MATCH_OWNER=y

CONFIG_IP_NF_MATCH_ADDRTYPE=y

CONFIG_IP_NF_MATCH_HASHLIMIT=y

CONFIG_IP_NF_FILTER=y

CONFIG_IP_NF_TARGET_REJECT=y

CONFIG_IP_NF_TARGET_LOG=y

CONFIG_IP_NF_TARGET_ULOG=y

CONFIG_IP_NF_TARGET_TCPMSS=y

CONFIG_IP_NF_NAT=y

CONFIG_IP_NF_NAT_NEEDED=y

CONFIG_IP_NF_TARGET_MASQUERADE=y

CONFIG_IP_NF_TARGET_REDIRECT=y

CONFIG_IP_NF_TARGET_NETMAP=y

CONFIG_IP_NF_TARGET_SAME=y

# CONFIG_IP_NF_NAT_SNMP_BASIC is not set

CONFIG_IP_NF_NAT_IRC=y

CONFIG_IP_NF_NAT_FTP=y

CONFIG_IP_NF_NAT_TFTP=y

CONFIG_IP_NF_NAT_AMANDA=y

CONFIG_IP_NF_NAT_PPTP=y

CONFIG_IP_NF_MANGLE=y

CONFIG_IP_NF_TARGET_TOS=y

CONFIG_IP_NF_TARGET_ECN=y

CONFIG_IP_NF_TARGET_DSCP=y

CONFIG_IP_NF_TARGET_TTL=y

# CONFIG_IP_NF_TARGET_CLUSTERIP is not set

CONFIG_IP_NF_RAW=y

# CONFIG_IP_NF_ARPTABLES is not set

# CONFIG_IP_DCCP is not set

CONFIG_IP_SCTP=y

CONFIG_SLIP_COMPRESSED=y

CONFIG_SLIP_SMART=y

CONFIG_SLIP_MODE_SLIP6=y





root@host:/lib/modules# zcat /proc/config.gz | grep POLICY

CONFIG_NETFILTER_XT_MATCH_POLICY=y





root@host:/lib/modules# zcat /proc/config.gz | grep MARK

CONFIG_IP_ROUTE_FWMARK=y

CONFIG_NETWORK_SECMARK=y

CONFIG_NETFILTER_XT_TARGET_CONNMARK=y

CONFIG_NETFILTER_XT_TARGET_MARK=y

CONFIG_NETFILTER_XT_TARGET_SECMARK=y

CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=y

CONFIG_NETFILTER_XT_MATCH_CONNMARK=y

CONFIG_NETFILTER_XT_MATCH_MARK=y

CONFIG_IP_NF_CONNTRACK_MARK=y

CONFIG_IP_NF_CONNTRACK_SECMARK=y

CONFIG_BRIDGE_EBT_MARK=y

CONFIG_BRIDGE_EBT_MARK_T=y

CONFIG_NET_SCH_DSMARK=y

CONFIG_CLS_U32_MARK=y



root@host:/lib/modules#

Open in new window

0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 500 total points
Comment Utility
http://cateee.net/lkddb/web-lkddb/IP_MULTIPLE_TABLES.html
CONFIG_IP_MULTIPLE_TABLES=y  (- IP: policy routing)


CONFIG_IP_ADVANCED_ROUTER=y (- IP: advanced router)
CONFIG_IP_ROUTE_FWMARK=y  (- IP: use netfilter MARK value as routing key)

Yup, looks like you are good to go

Billy
0
 
LVL 3

Author Comment

by:egarciat
Comment Utility
Hi, I was unable to test configuration posted by you, due to techincal issues on the server.

Since these are local problems, I am almos sure your posted comment will do the trick once these issues are resolved.

So I am accepting the solution.

0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now