[4020] in linux-net channel archive
Re: Virtual web server
daemon@ATHENA.MIT.EDU (Jos Vos)
Thu Aug 15 17:32:01 1996
From: Jos Vos <jos@xos.nl>
To: longyear@netcom.com (Al Longyear)
Date: Wed, 14 Aug 1996 10:20:53 +0200 (MET DST)
Cc: linux-net@vger.rutgers.edu
In-Reply-To: <199608120442.VAA25430@netcom22.netcom.com> from "Al Longyear" at Aug 11, 96 09:42:04 pm
> Using dummy device(s) will work for a small number.
What is the limit for dummy devices?
And for aliases?
> However, this customer wants to dedicate the entire class-C network to
> this one computer for web services. This is ONE computer and 255
> IP addresses -- all on one network -- all on one computer.
>
> Routing is not a problem. We just make the system the gateway to the
> class-C network and the frames are delivered to this system as they
> would be for any router.
>
> However, does anyone have a way to 'properly' define that all 255
> possible IP addresses for a class-C network are local and not to be
> forwarded to another network?
You could use the facility for transparent proxying (2.0.x kernels).
After doing (ipfwadm 2.3.0 syntax)
ipfwadm -I -a accept -P tcp -D my-net/24 80 -r
all packets going to my-net will be handed over to the local HTTP daemon.
That daemon then need to do a getsockname() to see the target address.
> I need to have the destination IP address intact in order to do the
> virtual services in apache.
That's OK in the above situation (I guess Apache does a getsockname()).
You can do the same for other services, if you like. You could even do
ipfwadm -I -a accept -P tcp -D my-net/24 -r
which catches _all_ services (even telnet).
This also works to some extend for UDP, in a slightly different way.
Of course, the packets have to arrive at the system, but that's up
to your routing configuration. I'ld like to hear whether this works
for you.
--
-- Jos Vos <jos@xos.nl>
-- X/OS Experts in Open Systems BV | Phone: +31 20 6938364
-- Amsterdam, The Netherlands | Fax: +31 20 6948204
