*nix Networking Gurus

Started by Vitoc, Dec 03, 2006, 10:48 AM

Vitoc

I bought a router that I read can definitely handle the /29 sticky IP block I have through my ISP.  In order to use it I installed an open source firmware on it called OpenWRT.  So turns out the UI doesn't handle it (imagine that, open source not user friendly?), so I have to drop to the OS level and play with iptables.  Problem is I have no clue what I'm doing.

Here's our setup:

GMUDServer
Windows Server 2003
Runs the actual GMUD realms
Will also serve as a web server for various GMUD info via ASP.NET

ForumServer
FreeBSD 6.1
Will run these forums eventually

So the main issue is, right now my old router only has one public IP, and all I can do is forward ports.  The problem is I have two machines I want to use as web servers.  Ideally I'd like to somehow have everything under the greatermud.com domain.  Is there a way to have the new router actually check the URL in a request on port 80 for like a specific directory "/forums" for example and have it route that request to a specific computer/IP (ForumServer in this case)?  Also, if I set my IPs on my two machines to two of my public IPs, can I still decide which ports to allow through via the router, or does that entire machine (all ports) have to be exposed to the public?


Vitoc

I think I rushed that post.

OpenWRT runs a scaled down version of Linux (or Unix, I forget which) on the router.  So I can putty in and use vim to edit files and pretty much all the basic tools are there.  It uses something called iptables to handle routing, which I've never used before.  There is a web interface for basic setups, but as I stated earlier it doesn't handle this more complex scenario.


Rondor

If you have a /29 IP block you would want to NAT 2 separate IP addresses on port 80.  These would turn around and point to the different web servers.  Iptables really is just about firewalling & NAT and not about routing. 

What kind of network connection do you have (DSL, cable, etc.)?
Have you been able to set up the router and have it connect alone to the outside?

I'm not really familiar with the syntax of iptables but I might be able to come up with an example ruleset with some concentration which isn't right now.  :-\  To answer your other question, you wouldn't be able to send the http requests to different web servers using the same IP address without some kind of proxy acting as a middle man.

-R
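
Rondor's suggestion above (one public IP per web server, NATed on port 80), together with the earlier question about exposing only chosen ports, sketched as an added example that is not part of the original thread. The 203.0.113.x and 192.168.1.x addresses and the `wan0` interface name are constructed placeholders, and it assumes the router's FORWARD chain has no conflicting rules ahead of these; the script only prints the commands for review.

```shell
#!/bin/sh
# Prints (does not apply) iptables commands for 1:1 port publishing:
# each public IP in the block maps to one internal server, and only
# the listed TCP ports are let through the router.

WAN_IF="${WAN_IF:-wan0}"   # assumption: placeholder WAN interface name

# publish PUBLIC_IP PRIVATE_IP PORT [PORT...]
publish() {
    pub="$1"; priv="$2"; shift 2
    for port in "$@"; do
        # nat table: rewrite the destination of inbound traffic
        # addressed to this public IP and port.
        echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $pub -p tcp --dport $port -j DNAT --to-destination $priv:$port"
        # filter table: after DNAT the packet carries the private
        # address, so the FORWARD rule matches on that.
        echo "iptables -A FORWARD -i $WAN_IF -d $priv -p tcp --dport $port -m state --state NEW -j ACCEPT"
    done
}

ruleset() {
    # Allow replies belonging to connections already permitted.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Constructed addresses standing in for the /29 and the LAN.
    publish 203.0.113.2 192.168.1.10 80   # GMUDServer web pages
    publish 203.0.113.3 192.168.1.20 80   # ForumServer
    # Anything else arriving from the WAN for the LAN is dropped,
    # so the servers are not exposed on every port.
    echo "iptables -A FORWARD -i $WAN_IF -j DROP"
}

ruleset
```

Further ports are published by appending them to a `publish` line; anything not listed stays blocked by the final DROP rule.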

Vitoc

Quote from: Rondor on Dec 04, 2006, 02:51 PM
If you have a /29 IP block you would want to NAT 2 separate IP addresses on port 80.  These would turn around and point to the different web servers.  Iptables really is just about firewalling & NAT and not about routing.

What kind of network connection do you have (DSL, cable, etc.)?
Have you been able to set up the router and have it connect alone to the outside?

I'm not really familiar with the syntax of iptables but I might be able to come up with an example ruleset with some concentration which isn't right now.  :-\  To answer your other question, you wouldn't be able to send the http requests to different web servers using the same IP address without some kind of proxy acting as a middle man.

-R
We're using DSL.  As of right now we're still using the old router and just port forwarding from one public IP, and no I haven't connected the new router to the WAN yet.  I'm trying to get the LAN configured properly first.

I'll be the first to admit I know next to nothing about NAT, IPFilter, iptables, or how to configure any of it in a Unix environment.  I really don't want to have to become an expert on the subject to get something working.  I think we can get a subdomain (like forums.greatermud.com) and have that assigned to our forum server, but I still need to get these IPs assigned and routed properly which I think has to happen at the router level.