Jo, On 13-Sep-01 Kurt Seifried wrote:
mmh ...
Maybe this is realy a missunderstandig. What I`m searching is a pice of Software that I can publish my HTTP-Servers in my DMZ to the world. AND I would like to do things like:
www.Name.de/sub1/ -> box2.internal/sub_main/sub www.Name.de/sub2/ -> box3.internal/something_else/sub www.Name.de/sub1/sub2 -> box2.internal/sub_main/sub3
Yes, that's called http accelerating. Dunno if you can do various dir's to internal servers though. You can do virtual hosts off of one IP address though.
We have one external IP, but have very different boxes for the diffrent parts of our Web-Service. Like box2 runs NT, box3 runs Solaris.
Yup. no prob.
I had the same thoughts first, but IMO a little more tweaking is required to get it up and running properly. If www.Name.de resolves to, for example, 1.2.3.4, it would be the same for www.Name.de/sub1, /sub2, etc., but Apache can only do name-based virtualizing with pure domain names/aliases like www.Name.de or www.Name2.de, not www.Name.de/sub1, because /sub1 is just a simple subdirectory, not a subdomain or something. But you could do Apache name-based virtualizing AND redirecting instead. For example, if you have one DMZ-based web server with Apache, you could assign this as your "master" web server where www.Name.de resides. Next you could set up an internal DNS which "knows" the internal machines by their (also internal) names, and then redirect requests to, say, www.Name.de/sub1/ to box2.internal/sub_main/sub. This could be easily accomplished using Apache�s redirect directive. For security reasons you should use internal/private IP addresses for the DMZ boxes, make them resolveable with an internal DNS and use port forwarding on the firewall, assign your official IP to its world network-device and forward any requests to your "master web server" with a private IP first, which does the name-based redirecting and virtualizing. My port forwarding utility of choice is ipmasqadm, which is part of the SuSE distro (sec). "Have a lot of fun..." ;) [...]
Franziskus
Kurt Seifried, kurt@seifried.org PGP Key ID: 0xAD56E574 Fingerprint: A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://www.seifried.org/
Boris Lorenz