Help File Library: Apache: Virtual Hosting Behind a Cable/DSL Router
Written By: J. Voth
Cable and DSL are, without a doubt, the two coolest things since sliced
bread. With the advent of said technologies, people are finally getting
the benefits of a dedicated, "always-on" connection to the internet,
making setting up web and mail servers at home much easier, less expensive
and certainly more fun than the old dial up days. If you don't have cable
or DSL, get it. If you can't, then move somewhere where you can. It is
most definitely worth it. Anyways, I decided to write this Help File because I
was having some problems getting Apache Web Server to serve web pages to
internet users behind my DSL router. I could easily set up Apache and
make it work, with just one web site on the server. The real trick is
getting two or more websites published to the internet, on an Apache Web
Server behind a single IP. In Apache-ese, serving two or more websites on
one instance of httpd (Apache) is called virtual hosting. If you're
familiar with Microsoft's Internet Information Server, then you'll know
this as using host header names.
This Help File is designed to help those who have some familiarity (no expertise
required however) with IP, DNS and Apache. I'm assuming that you already
have a DNS server of some kind, whether it is on your own personal LAN, or
you're using a service provider's name servers, like World Wide DNS
(http://www.worldwidedns.net). Also, you'll need to have purchased a
unique domain name from somewhere like http://www.domainmonger.com (only
$17 a year per domain name, pretty cheap). Your DNS server does not have
to be a Linux box either, by the way. You'll need, well, a cable/DSL
router with a working connection to the internet, and have Linux, I'll be
using Red Hat 7 in my example, with Apache 1.3.12 installed. This will
not be a Help File on installation of any distro, or a Bind and DNS lesson
either, by the way. I'm not quite experienced enough to write on that
yet. I don't think we have any Help Files on Bind yet, but if you happen to
not understand DNS, then I suggest going to http://www.amazon.com and
searching for some books on the subject, because DNS can be pretty tricky
sometimes.
Okay, so you've got all the requirements mentioned above taken care of.
Now you need to know if your internet service provider issues you a
static IP address or if it is dynamically assigned to your router's WAN
link. I went ahead and paid a little extra and got an ISP that issues
out static IP addresses for the simple fact that I wanted to host web
sites and set up my own mail server, etc., etc. I suggest you do the same
because if your router's WAN link is getting its IP address assigned to
it dynamically, then you'll have to go and change your host records on
your DNS server every time that your IP address changes. That would
suck, trust me. So let's get down to business, shall we? I'll be using
examples from my own personal LAN, so your settings and domain names will
be different. The first thing we will worry about is configuring our
router/firewall. Every cable/DSL router I've seen has built-in, but
limited, firewall capabilities and a web-browser-based configuration
utility. So the main things we will worry about here are:
1. IP addresses
2. Port filtering
Set the LAN IP address to some non routable address like 192.168.123.254.
Set your WAN IP, subnet mask, and default gateway to whatever addresses
your ISP has given you. My settings are WAN IP: 64.30.204.21, subnet
mask: 255.255.255.0, and WAN gateway: 64.30.204.254.
Ensure the DHCP server for your router is disabled, as you'll need a
static IP for your internal webserver. Our webserver's IP is going to be
192.168.123.2 and its fully qualified domain name is rh.thevoths.com.
Set a filter for port 80 to route to IP 192.168.123.2. If you have a DNS
server on your internal LAN, ensure that ports 53 and 113 are filtered to
your internal DNS server. That should be it as far as configuring our
router. Not too bad yet, eh?
The next thing we'll do is configure our zone file on our DNS server.
This is the trickiest part of this whole operation in my mind. Not
actually carrying out the operation, but figuring it out gave me some
headaches. I'm not going to go through Bind specifically as any DNS
server will do. If you're using a service provider's DNS servers, then
they will more than likely have some sort of webpage to configure your
zone files. Again, if you're not sure about zone files and host records
and such, then please do some research on it as it is very useful and
important information, especially if you want to learn Linux. Some DNS
service providers will allow you to call them and tell them what records
to add to your zone files, so you could take that route if you like. You
must have a registered domain name also. As I wanted to host a web site
for a friend of mine who was hired to design a web site for a new band
called Gimp, we will be using a name that I registered, gimpmusic.net,
and my own personal domain, thevoths.com. My zone file's (called simply,
thevoths.com) records look like this (yours will not have the same
hostnames):
NS ns1.worldwidedns.net
NS ns2.worldwidedns.net
www.thevoths.com A 64.30.204.21
www.thevoths.com A 192.168.123.3
rh.thevoths.com A 192.168.123.3
The NS means nameserver record and A means host record. The convention
I've used here is this: www should point to your WAN link (being that
that's the only address that the internet knows about), it should also
point to the webserver's nonroutable IP address (192.168.123.3), and
there needs to be an A record in there for our webserver's actual
hostname (I could have actually named our webserver www.thevoths.com and
left out the extra A record for rh.thevoths.com; I just like to name my
servers after their OS, personal preference only). Don't use
CNAMEs (aliases) because they will conflict with Apache's httpd.conf file
when you configure the virtual hosts. If you're not sure what all this is,
then just register a domain name, get a DNS service provider, and have
them help you configure your zone just like we did above. If you do have
a good grasp of DNS then you're probably wondering why the heck I didn't use
a CNAME, and you'll see why in the next section about configuring Apache
to use virtual hosts. By the way, gimpmusic.net will look like this:
NS ns1.worldwidedns.net
NS ns2.worldwidedns.net
www.gimpmusic.net A 64.30.204.21
www.gimpmusic.net A 192.168.123.3
Configuring Apache for virtual hosts or vhosts is fairly simple. We will
be working with version 1.3.12. Go into your httpd.conf (in Red Hat 7.0
- /etc/httpd/conf/httpd.conf) and get ready to do some exciting text
editing. By this time during this process I am totally pumped up and can
barely contain myself... just kidding. Okay, the first thing we will do
is add the NameVirtualHost directive and then we will add the
<VirtualHost> directives. Make sure BindAddress (it's a setting in
httpd.conf, I don't mean an actual Bind nameserver) is set to
192.168.123.3. Simply add code similar to the following to
httpd.conf:
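# Name-based virtual hosts on the webserver's internal address
NameVirtualHost 192.168.123.3
<VirtualHost 192.168.123.3>
    ServerName www.thevoths.com
    DocumentRoot /var/www/html/thevoths
</VirtualHost>
<VirtualHost 192.168.123.3>
    ServerName www.gimpmusic.net
    DocumentRoot /var/www/html/gimpmusic
</VirtualHost>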
Notice that the NameVirtualHost and the <VirtualHost> directives point to
the nonroutable IP address of the webserver, which is 192.168.123.3, not
the WAN IP address on the router. You see, the whole idea behind NAT
routing (which is what cable/DSL routers do) is that you have only one
IP address exposed to the outside world. So if you want to publish web
servers and whatnot to the internet, then in DNS you would ensure that
your webserver's hostname resolves to your router's WAN IP address.
You would then filter the appropriate port, which in our case was the
standard port 80 for our webserver. Also in DNS, you would ensure that on
your internal network your webserver's name can resolve to the nonroutable IP
address that it is actually assigned (192.168.123.3 in our case). I know
this sounds like somewhat of a complicated DNS setup and I agree with you.
The only way I could get vhosts to work, however, was doing it this exact
same way. DNS was the tricky thing to figure out for me on this one but
this setup works great. So if you visit http://www.gimpmusic.net,
then you will be visiting a site that is powered by Apache and is sitting
behind a DSL router with a strange DNS setup. Hopefully, this will help
someone out tremendously if they are having problems getting their
webserver or mail server to publish to the internet behind a single IP
address.
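The check below is an added example, not part of the original Help File: it reads the zone records and the httpd.conf excerpt shown above and reports any virtual host whose address is not covered by NameVirtualHost, is not a private address, or whose ServerName lacks the WAN and internal A records that this Help File's convention calls for. The function names are illustrative, and it assumes each <VirtualHost> is written with a literal IP address, as in the listing.

```python
import ipaddress
import re

# Constructed sample input from this Help File's listings (vhosts assumed to use literal IPs).
WAN_IP = "64.30.204.21"
ZONE = """\
www.thevoths.com  A 64.30.204.21
www.thevoths.com  A 192.168.123.3
www.gimpmusic.net A 64.30.204.21
www.gimpmusic.net A 192.168.123.3
"""
HTTPD_CONF = """\
NameVirtualHost 192.168.123.3
<VirtualHost 192.168.123.3>
    ServerName www.thevoths.com
</VirtualHost>
<VirtualHost 192.168.123.3>
    ServerName www.gimpmusic.net
</VirtualHost>
"""

def a_records(zone):
    """Map each hostname to the set of addresses in its A records."""
    out = {}
    for name, addr in re.findall(r"^(\S+)[ \t]+A[ \t]+(\S+)[ \t]*$", zone, re.M):
        out.setdefault(name.lower(), set()).add(addr)
    return out

def vhosts(conf):
    """Return (NameVirtualHost addresses, [(vhost address, ServerName or None)])."""
    nvh = set(re.findall(r"^\s*NameVirtualHost\s+(\S+)", conf, re.M | re.I))
    blocks = re.findall(r"<VirtualHost\s+([^>\s]+)\s*>(.*?)</VirtualHost>", conf, re.S | re.I)
    names = [re.findall(r"^\s*ServerName\s+(\S+)", body, re.M | re.I) for _, body in blocks]
    return nvh, [(addr, n[0].lower() if n else None) for (addr, _), n in zip(blocks, names)]

def check(zone, conf, wan_ip):
    """Return findings; an empty list means the zone and httpd.conf agree."""
    dns, (nvh, pairs) = a_records(zone), vhosts(conf)
    findings = []
    for addr, name in pairs:
        label = name or f"<VirtualHost {addr}> without ServerName"
        if addr not in nvh:
            findings.append(f"{label}: {addr} matches no NameVirtualHost")
        if not ipaddress.ip_address(addr).is_private:
            findings.append(f"{label}: bound to non-private address {addr}")
        missing = {wan_ip, addr} - dns.get(name, set())
        findings += [f"{label}: no A record for {ip}" for ip in sorted(missing)]
    return findings
```

Calling check(ZONE, HTTPD_CONF, WAN_IP) on the listings as given returns an empty list; pointing a <VirtualHost> at the WAN IP or dropping one of the A records produces a finding for that name.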