Solved

Two web servers on one network?

Posted on 2011-02-17
8
440 Views
Last Modified: 2012-06-21
Hello Again
I have attempted to set up two web servers on our domain by using two IP addresses and two routers.  So far no joy so maybe someone can shed some light on the situation?

I have two internet domains, lets call them A and B that each point to differnt static IP addresses.  I then set up two routers with the corresponding IP addresses so Router A has IP address A on the WAN port and router B has IP address B on the WAN port.  With this setup I can ping both routers from the internet.  Then each router has a rule set up to allow HTTP traffic to one of two web servers, so for example, web requests to router B should go to server B.  Web requests to domain/router/server A work fine.   Web requests to domain/router/server B seem to get no response

Does this setup seem right?

In my internal network I can access domain B because I added a Forward Lookup Zone pointing www to server B for that www.domainB.com.   So I know that web server B is working.

Any troubleshooting tips would be much appreciated.

Thanks
0
Comment
Question by:nps-tech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 20

Expert Comment

by:brwwiggins
ID: 34925777
Are the web servers on two different internal networks as well?
0
 

Author Comment

by:nps-tech
ID: 34926367
No its one internal network.
0
 
LVL 20

Expert Comment

by:brwwiggins
ID: 34926642
hmm, if the NAT translations are in place....they are two separate servers it should respond in the same fashion as Server A. I don't see anything wrong with the setup from a design standpoint.

Can you verify the rule on the router that serves web server B?
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 
LVL 22

Accepted Solution

by:
mcsween earned 250 total points
ID: 34927602
Your issue is the routing back out once the traffic hits the web server.

Without knowing your exact configuration I suspect one works while the other doesn't.  If this is the case the issue is with the default gateway set at the web server.

My suggestion is to do this with one router/firewall instead of two.  This makes configuration a lot easier.  You will need 3 interfaces on your router to accomplish this WAN1, WAN2, and LAN.

If you can't do it with one router you will have to modify the default gateway on one of your web servers.  Assuming Internet1 connects to Router 1 and forwards traffic for Website 1 to Server 1 you will want to set the default gateway on server 1 to the LAN address of Router 1 and set the default gateway on server 2 to the LAN address of Router 2.  If your NAT policies and firewall rules are setup correctly this configuration will work.
0
 

Author Comment

by:nps-tech
ID: 34928528
mcsween, you're a genius.  Yes the default gateway was set to router A.  When I set it to router B www.domainB.com became accessible.  One unfortunate side affect is that, because server B is the domain controller and DNS server on the local network, all outgoing internet traffic started going through router B.  Also server B is an exchange server and so our mail went offline.

Here's a thought.  Server B has two NICs.  I could set up the second NIC to use router B gateway, and tell web server B to use NIC 2.  I can tell exchange to use NIC 1 so that's all good.  My concern is DNS, is there a way to tell DNS to use NIC 1 and not NIC 2?

Thanks again
0
 
LVL 22

Expert Comment

by:mcsween
ID: 34928720
AFAIK there isn't a way to bind DNS to a specific NIC but it should follow the bindings order under advanced settings in your Network Connections folder.

You shouldn't have to worry too much about DNS traffic as the only DNS traffic that will go out to the internet from that server are lookups; it will reply to the client with the approperiate IP address and the client will use its own default gateway to get to the internet.

If you really want it all going out one ISP you can setup forwarders on the DNS server so it doesn't use root hints.  Then you can define a static route on Router B for the DNS forwarder addresses telling Router B to route all traffic for those IPs to Router A.
0
 

Author Comment

by:nps-tech
ID: 34929388
OK I'm going to have to process that later

I tried setting up the second NIC with a different gateway and the result was that the first NIC ended up with TWO gateway addresses.  We lost internet access and email!!!  I got NIC 1 to reset and internet is back but no incoming email so I'll be working on that for a while.

NOTE to those who attempt the same thing:
If you see the message "Multiple default gateways are intended to provide redundency to a single network...."   proceed carefully.
0
 

Author Comment

by:nps-tech
ID: 34966290
I made this work by pairing up the servers with their own routers.  
Internet domain A points to Router A who's rules point to server A which has Router A as the IP gateway.   Same setup for B.  
Outgoing traffic can use either router.

I got the Multiple gateway message again even though the server had only one Enabled connection.  To be safe I set the gateway the same on both NICs and this worked OK as I ended up with only ONE gateway on the enabled connection.

So now all is good.
Thanks for the help.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question