multiple ip

Discussion in 'Installation/Configuration' started by petya, Nov 14, 2007.

  1. petya

    petya New Member

    Hello Guys,

    I still have problems with configuring multiple ip addresses although I have reinstalled the complete linux box now, and tried the possibilities mentioned in other threads here.

    I have 3 ip's. ip_1 is the main address of the server, ip_2 and ip_3 are additional ip's.

    I have set ip_2 for ISPConfig control panel when installing ISPConfig and set a cp.mydomain.hu for that, and changed listening port of ISPConfig to 443 to make my customers able to reach the system from behind a firewall, too.
    I would like to use ip_1 by default for the main apache, and ip_3 for another domain that needs a custom ssl with ca.

    Now, if I enable main apache for listening on 443 as well, it is not able to start because it seemes that ISPConfig's apache blocks that port already, wht I do not understand because I have configured ISPConfig to use the other ip.

    If I disable 443 in main apache httpd.conf, and create two sites in ISPConfig, one on the main ip_1, and one on ip_3, the site on ip_3 says via browser: "shared ip", and not the correct web content...

    What am I doing wrong? I guess I should be able to configure sites in ISPConfig for various ip's, and enable both main apache and ISPConfig apache to listen on 443, am I right...?

    Thank you,
    Peter
     
  2. petya

    petya New Member

    some additional information

    I have tried these config variations in ispconfig httpd.conf and main apache's ports.conf:

    - if I set both apache's config to listen on 443, main apache can't start because ispconfig apache blocks 443
    - if I set main apache ports.conf to Listen ip_1:443 and Listen ip_3:443 (ip_2 is for ISPConfig) then all https requests returns a welcome page that sould be on ip_1, even if I try to access ISPConfig
    - if I set ISPConfig apache httpd.conf to listen on ip_2:443 and comment out 443 in main apache ports.conf, https://<url_to_ispconfig> does not return anything
    - if I set ISPConfig apache httpd.conf to listen on 443 and comment out 443 in main apache ports.conf, https://<url_to_ispconfig> returns ISPCOnfig well, but https://<domain_for_ip_1> returns ISPConfig site as well for some reason.. and http://<domain_for_ip_3> on port 80 returns "Shared IP"

    What variation should be used that I have missed? :)

    Any help would be greatly appreciated!

    Peter
     
  3. petya

    petya New Member

    exact description...

    Now I become to be sure that all settings are correct. I have resinstalled ISPConfig, now there's no sites defined under that.

    I have two domains: synapsys.hu and netcsarnok.hu, and 3 ip's: 88.151.103.5,12 and 13.
    Main ip is 88.151.103.5, server's name is synapsys.hu.

    Browser shows apache default page for synapsys.hu and netcsarnok.hu on port 80, that's correct since there's no Vhost in ispconfig for them.
    Via https nothing is rerurned, even on cp.synapsys.hu, where the ISPConfig should be...

    My registrator reverse dns settings are:
    synapsys.hu - 88.151.103.5
    netcsarnok.hu - 88.151.103.12
    cp.synapsys.hu - 88.151.103.13

    What can be the problem? See config files below...
    ANY help would be greatly appreciated!
    Thank you.
    Peter

    Config files relevant sections:

    ****************************************************
    netstat -tap (reverse dns entries):
    tcp 0 0 cp.synapsys.hu:domain *:* LISTEN 22337/named
    tcp 0 0 netcsarnok.hu:domain *:* LISTEN 22337/named
    tcp 0 0 synapsys.hu:domain *:* LISTEN 22337/named

    ****************************************************
    netstat -tap (main and ispconfig apache):
    tcp 0 0 netcsarnok.hu:https *:* LISTEN 22205/apache2
    tcp 0 0 synapsys.hu:https *:* LISTEN 22205/apache2
    tcp 0 0 cp.synapsys.hu:https *:* LISTEN 22129/ispconfig_htt

    ****************************************************
    /etc/apache2/ports.conf:

    Listen 80
    # Listen 443
    Listen 88.151.103.5:443
    Listen 88.151.103.12:443

    ****************************************************
    /root /ispconfig /httpd /conf / httpd.conf:
    [...]
    Port 443
    [...]
    <IfDefine SSL>
    Listen 88.151.103.13:443
    # Listen 81
    </IfDefine>
    [...]

    ****************************************************
    /home /admispconfig /ispconfig /lib / config.inc.php:
    [...]
    if(isset($_SERVER['HTTP_HOST'])){
    $go_info["server"]["server_url"] = 'https://'.$_SERVER['HTTP_HOST'];
    } else {
    $go_info["server"]["server_url"] = "https://cp.synapsys.hu:443";
    }
    [...]
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats correct too. You will have to create a site in ISPConfig that is on the IP and enable SSL and create a SSL cert, otherwise you will not get any result from your server when you connect with https.
     
  5. petya

    petya New Member

    Thank you for your answer.

    But how would I be able to create a site in ISPConfig, when ISPConfig system is also unavailable via https, as I mentioned? :)
    Should I switch back to port 81, create the site for ISPConfig, and then switch to 443 again to reach that?

    -----------------------------------
    I have tried:
    switched back to port 81, added site cp.synapsys.hu in ISPConfig, enabled ssl, created certificate, and switched in config file again to port 443 on the ip of cp.synapsys.hu.

    Does not work :( there's no response from the server...

    I can see now that ISPConfig is unable to listen on port 443 even if it is configured to listen on a specific ip's 443 port, and main apache is listen on the other ip's...

    Can be the problem that cp.synapsys.hu is logically a subdomain of synapsys.hu? I thought different ip should work in this case, too..

    Any ideas?

    Thank you,
    Peter
     
    Last edited: Nov 16, 2007
  6. falko

    falko Super Moderator ISPConfig Developer

    That's not correct.
    What's the output of
    Code:
    ifconfig
    and
    Code:
    netstat -tap
    ?
    When you installed ISPConfig, did you choose HTTPS or HTTP?
     
  7. petya

    petya New Member

    ifconfig output is:

    Code:
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:154 errors:0 dropped:0 overruns:0 frame:0
              TX packets:154 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:13946 (13.6 KiB)  TX bytes:13946 (13.6 KiB)
    
    venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:127.0.0.1  P-t-P:127.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
              UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
              RX packets:35204 errors:0 dropped:0 overruns:0 frame:0
              TX packets:27464 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:39539104 (37.7 MiB)  TX bytes:4697388 (4.4 MiB)
    
    venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:88.151.103.5  P-t-P:88.151.103.5  Bcast:0.0.0.0  Mask:255.255.255.255
              UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
    
    venet0:1  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:88.151.103.12  P-t-P:88.151.103.12  Bcast:0.0.0.0  Mask:255.255.255.255
              UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
    
    venet0:2  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:88.151.103.13  P-t-P:88.151.103.13  Bcast:0.0.0.0  Mask:255.255.255.255
              UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
    and netstat -tap is:

    Code:
    tcp        0      0 *:ftp                   *:*                     LISTEN     21675/proftpd: (acc
    tcp        0      0 cp.synapsys.hu:domain   *:*                     LISTEN     21642/named
    tcp        0      0 netcsarnok.hu:domain    *:*                     LISTEN     21642/named
    tcp        0      0 synapsys.hu:domain      *:*                     LISTEN     21642/named
    tcp        0      0 localhost:domain        *:*                     LISTEN     21642/named
    tcp        0      0 localhost:953           *:*                     LISTEN     21642/named
    tcp        0      0 *:smtp                  *:*                     LISTEN     21607/master
    tcp        0      0 netcsarnok.hu:https     *:*                     LISTEN     21523/apache2
    tcp        0      0 synapsys.hu:https       *:*                     LISTEN     21523/apache2
    tcp        0      0 cp.synapsys.hu:https    *:*                     LISTEN     20458/ispconfig_htt
    tcp        0      0 *:mysql                 *:*                     LISTEN     1546/mysqld
    tcp6       0      0 *:pop3                  *:*                     LISTEN     28573/couriertcpd
    tcp6       0      0 *:imap2                 *:*                     LISTEN     28555/couriertcpd
    tcp6       0      0 *:www                   *:*                     LISTEN     21523/apache2
    tcp6       0      0 *:domain                *:*                     LISTEN     21642/named
    tcp6       0      0 *:ssh                   *:*                     LISTEN     29708/sshd
    tcp6       0      0 localhost:953           *:*                     LISTEN     21642/named
    tcp6       0      0 *:smtp                  *:*                     LISTEN     21607/master
    tcp6       0      0 *:imaps                 *:*                     LISTEN     28568/couriertcpd
    tcp6       0      0 *:pop3s                 *:*                     LISTEN     28588/couriertcpd
    tcp6       0      0 localhost:8005          *:*                     LISTEN     30231/java
    tcp6       0      0 *:2117                  *:*                     LISTEN     30231/java
    tcp6       0      0 *:8009                  *:*                     LISTEN     30231/java
    tcp6       0   1776 synapsys.hu:ssh         dsl54007F8C.pool.:56419 ESTABLISHED30042/0
    seem to be right I guess...

    I have chosen HTTPS.

    Do you have any idea?

    Thank you,
    Peter
     
  8. petya

    petya New Member

    Hello Guys,

    I have uninstalled ISPConfig and installed again. I decided to use control panel via port 80 according to Falco's howto about using ISPConfig on port 80 with apache reverse proxy feature, but still no good results...

    I can see that I definitely cannot use multiple ip's on the server.
    When I use main ip address for new sites, everything is working fine. But when I try to create a new site on some of the other IP addresses of the server, apache2 gives back the "shared ip" page...

    Do you have any idea, what I'm doing wrong?

    Thank you,
    Peter
     
  9. Hans

    Hans Moderator ISPConfig Developer

    Do you have added an additional IP-address within your /etc/network/interfaces file, like this?:

    # The primary network interface:
    auto eth0
    iface eth0 inet static
    address XX.XX.XX.XXX
    netmask XXX.XXX.XXX.XXX
    gateway XX.XX.XX.XXX

    # First additional IP-address:
    auto eth0:0
    iface eth0:0 inet static
    address XX.XX.XX.XXX
    netmask XXX.XXX.XXX.XXX
    gateway XX.XX.XX.XXX

    After editing /etc/network/interfaces you need to restart your network with:
    /etc/init.d/networking restart

    Within ISPConfig make sure that you have added your additional IP-address under Management > Server > Settings > IP-list.

    Hope my suggestions do help you.
     
  10. petya

    petya New Member

    Dear Guys,

    Thank you for all your help.
    The fault was in my registrator's dns, the ip records was not correctly created...
    Here all the config files are good, and now after repairing the dns records, everything is working fine...:)

    Thank you again for all of the efforts,
    Peter
     

Share This Page