|
||||||||
> > I have a single dedicated IP coming into my monowall. I'm wanting to > > NAT the external IP to two individual internal IP's > > (172.16.0.2-172.16.0.3). This is a DMZ/Server network that > I'm wanting > > port 80 to listen on both of the internal IP's NATTED to > the external > > IP. How would this be done? The best way to do this would be with an upstream proxy (squid or even apache) listening on port 80. It then load-balances the connections between your two webservers (I assume?) listening on port 80. With apache you'd do it with the ProxyPass and ProxyPassReverse commands. With Squid you'd need to look through the section in the manual on forward proxying, but it's not particularly complex or difficult to do. In this config you'd have m0n0 port forwarding 80 to a new internal machine, say 172.16.0.4, which would then "proxy" the results from your existing webservers. If you really can't use a separate machine for the task, run Squid on the more powerful of your two webservers (proxying on port 80), then get it to forward proxy (and load balance) between itself (run apache on 81), and the other webserver. Or, if you're already running Apache on the more powerful machine, define a new virtualhost containing the "true" webserver, running on 81, then modify the default config to purely proxyPass for the two servers one on localhost:81, and the other on the other machine. Plenty of options to play with. Or, I could have completely misunderstood what you're trying to do ;-) Regards, Chris -- C.M. Bagnall, Partner, Minotaur Tel: (07010) 710715 Mobile: (07811) 332969 ICQ: 13350579 AIM: MinotaurUK MSN: minotauruk at hotmail dot com Y!: Minotaur_Chris This email is made from 100% recycled electrons |