brent timothy saner on 3 May 2009 14:01:10 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] VIrtual Servers on Single IP


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alex Launi wrote:
> Do you have a gateway box or is this box also the gateway? Shorewall
> should be able to take the domain and route to the correct vps (I'm
> prettty sure, Brent- would like your input on this). You can have
> Shorewall running on this box or a seperate gateway box.
> 
> -- 
> -- Alex Launi
> 
> 


sort of- here's how to do half of it-


1. make VPS' via openvz

2. make their IP's viewable on the external (host's) LAN via bridging on
the host and proper routing (i.e. "to get to <OPenVZ's VPS IP network>,
take a route through <openVZ host>")

3. tell shorewall to DNAT to the VPS' IP



BUT there's a problem.

AFAICT, shorewall/iptables can't interpret incoming hostnames, just IP
addresses (or i think MAC/ARP as well).

so you would have to hack up something like this:

- -put apache on the host/firewall
- -for the domain's vhost do an apache redirect to the VPS' IP


hackish, but unless i'm missing anything obvious it should work.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkn+BcMACgkQ8u2Zh4MtlQo6PwCggEBCPdwen9FhS9snXiImYS++
PwUAnjFUgG1WBd5LeQZwhZuDhrY2v9ae
=c9J6
-----END PGP SIGNATURE-----
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug