Router port and DNS settings on multiserver system
My existing config:
- only one IP from ISP (unfortunately static IPs not avail., but 1/2 has been the same when router always on, have to live with that)
- Buffalo ADSL router (NAT etc. on)
- server1.example.com (all servicies) on static 192.168.xx.yyy and set as DMZ (i.e all ports open) (debian squeeze)
- other "inner-circle" router for home network 192.168.xx.z
- domainname set malually to public-IP (on providers NS1 and NS2)
Thanks to "one server only" setup has been quite easy, but now I need more power on mysql-side thus planning for dedicated server (like your 192.168.0.107 db.example.tld) (I will keep using also 192.168.0.102 server1.example.tld for other mysql-tasks, both would need "Remote Access"-option)...
Based on multiserve-howto, 2nd server basics should be easy to follow.
Also DNS would be modified...
1. do I need to use my own DNS i.e I have to change my domain settings
(or ISP-server1 (with DNS) would take care)?
2. How to setup router (as I'll assume my DMZ-approach might not be enough)
i.e do I have to use different (incomming ports for mysql-servers? (unfortunately Buffalo does not have port change on port-forward function, which would be easy to use and keep same ports).
3. Or do I need more public-IPs to make it happen?
Thanks again for great support :)
The problem is that you can forward one port to just one backend server, so you cannot run websites on two servers. But you can run different services on different servers, like web on one server, mail on another one, and so on.
Idea (?) how to run several same servicies behind one public IP
Thanks for reply, seems that as expexted.
One idea, which might work (based on port 587 usage as in http://www.howtoforge.com/forums/showthread.php?t=54981
On (my) router very limited # for portforwards, so I would save do it as "bulk"
e.g. server1 with settings
Obviously I have to add these manually on each, but replace makes it easy / commenting out possible. Also in local netwotk orginal ports still open i.e. between servers and fot local users (ftp on port 21....)
I tried to look also how to add permanently on ISPConfig3 (18.104.22.168, squeeze) server, but could not find yet. Tried to follow http://wiki.debian.org/iptables
Could solve it
On above *filter should have been *nat, but anyhow did not help me to get them permanent...
Could solve finally after found mini-howto long time back:
Rules add to /etc/Bastille/firewall.d/pre-chain-split.sh
|All times are GMT +2. The time now is 18:01.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.