SqueezeOJ asked:

How to handle two Virtual Web Servers in one Linux Box?

Hello,

I have one external IP address, an ASUS router and a Fedora 14 box connected to it via the DMZ.

On the Fedora machine I'm running two Virtual Machines with Virtual Box.  Each has its own IP Address.  They are:

Virtual Machine 1 is Zimbra Email & Collaboration (Turnkey Linux)
Virtual Machine 2 is Joomla Content Management (Turnkey Linux)

It's very easy for me to expose one or the other of these VMs to the world by setting the IP address of that VM to that of the DMZ, but I need both to operate simultaneously.

So, how can I configure my network to allow both of these VMs to run simultaneously and seamlessly - while providing the functionality of each package?

Thanks,
Jason

How can I set this system
ASKER CERTIFIED SOLUTION
AriMc

ASKER

Hi AriMc,

Thanks for your quick response.  Let me see if I understand this...

The Joomla VM (VM2) is the one that runs my public website, so I'd want to leave it on port 80.  Therefore, its IP address will stay http://123.123.123.123.

The Zimbra VM (VM1) is a behind-the-scenes email service for my company only, so I'd assign it to another port, such as 8080, and reach it at http://123.123.123.123:8080.

That makes sense.

Now, would I need to reconfigure the Zimbra server to stop watching for traffic on port 80 and start watching for it on 8080?

Also, I assume that I'd need to do this with all over-lapping ports?  So, if they both allow ssh on port 22 then I'd want to leave the Joomla one at 22 and assign the Zimbra one to something like 8022?

How about port 25 - which is closed on Joomla but open on Zimbra?  This could probably be left alone as long as the port forward is properly set up?

Thanks,
Jason
1) Some routers allow port translation from 8080 to 80 while doing the NAT. In this case you don't need to reconfigure Zimbra. If your router only supports simple "one-to-one", i.e. incoming 8080 to 8080 of Zimbra, then you need to reconfigure.

2) Yes, you need separate mappings for each externally available service on both computers.

3) Port 25 (SMTP mail?) - you probably want only one mail server or do you see the need of having two publicly available ones?

SOLUTION
arnold
Good point Arnold! I haven't seen many web-sites using absolute links to their own subpages because it's basically very bad design, but it's a good thing to keep in mind.
The issue is less with websites and rather more with sites that dynamically generate code. I think WebTrends was returning URLs based on the IP on which the request came, which complicates things when you have a reverse proxy in front of it since all URL links will be http://privateip:port/.
SOLUTION
Chedlin: That's a good point too but it leaves the overall system somewhat vulnerable as it requires Joomla to be alive for Zimbra to work.

chedlin

AriMc: I disagree, that is why I suggested running Apache on the VirtualBox host computer (Fedora).  You can think of it along the lines of using an HTTP accelerator or load balancer, but it is using the Host header to make the routing decision.

If the resources exist you can make it a 3rd virtual machine to keep the host stripped bare, but I don't think I would personally do it that way (unless using a bare metal hypervisor where I would have no choice).
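
The Host-header routing chedlin describes, sketched as an Apache configuration for the Fedora host. This is an added example, not part of the original thread; it assumes Apache 2.4 with mod_proxy and mod_proxy_http loaded, and the hostnames and 192.168.1.x VM addresses are constructed placeholders.

```apache
# Added example: name-based reverse proxy on the VirtualBox host (Apache 2.4).
# www.example.com, mail.example.com and the 192.168.1.x addresses are
# placeholders, not values from the thread.

# Reverse proxy only: never relay arbitrary client-supplied URLs.
ProxyRequests Off

# The first vhost is the default. Requests whose Host header matches no
# ServerName below (bare IP, scanners) stop here instead of reaching a VM.
<VirtualHost *:80>
    ServerName default.invalid
    <Location "/">
        Require all denied
    </Location>
</VirtualHost>

# Public website -> Joomla VM
<VirtualHost *:80>
    ServerName www.example.com
    ServerAlias example.com
    # Pass the public Host header through so the backend builds links
    # from the public name rather than its private address.
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.1.12/"
    # Rewrite redirect headers (Location etc.) that name the backend.
    # This does not rewrite absolute links inside HTML bodies.
    ProxyPassReverse "/" "http://192.168.1.12/"
</VirtualHost>

# Company mail and collaboration -> Zimbra VM
<VirtualHost *:80>
    ServerName mail.example.com
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.1.11/"
    ProxyPassReverse "/" "http://192.168.1.11/"
</VirtualHost>
```

Only HTTP carries a Host header, so SSH (22) and SMTP (25) still need their own port forwards to the right VM. With this layout the VMs' port 80 no longer has to be reachable from outside the host.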
Chedlin: Ok, I missed the part "on the host". Yes I agree in that case Joomla wouldn't be a potential vulnerability. Still, the Apache daemon on the host would be, so it would increase the complexity of the overall system.

But the main question here is the requirements of SqueezeOJ. If non-standard ports or incorrectly generated URLs from Zimbra do present a problem, then virtual server definitions on the host could provide the answer. If not, then a simple port redirection on the router in my opinion would be the cleanest solution.

Wow.  You guys have given me a lot to think about!

I'm going to need to think about the things you've given me.

I know this is getting off track, but maybe I've gotten myself in too deep.  How do most SOHOs approach running both a website and collaboration software on one virtual machine?  I was really hoping to use the Turnkey Linux appliances because they're so simple but maybe they're overly complicating the situation...
If you want simple go with the earlier port based systems.  I have a tendency to overdo things.
Thanks to everyone for getting involved.  The implementation of the solution may lead to a host of additional questions!