I know for webservers you can run virtual hosts on Apache. I guess I needed to take a step back and realize what protocols are on what. Embedded in (I think it's HTTP/1.1?) you also have the domain name so virtual servers can work on the same IP. I was hoping this would be possible in a NAT situation for multiple IPs, but the only solution is PAT, where you'd have to forward port 80 and 443? for SSL to whichever IP you're running Apache on.

As for other services, I'm not exactly sure what you can do. I was curious if any request to such a domain bound to the Telus IP would exist at that Telus IP, but I guess this will not always be the case as once it goes out on the net and updates DNS servers... the only thing being requested in TCP/IP protocols is the IP itself without the domain name. If it had the domain name, I am theorizing you could have your NAT system register that client wants to connect to www.mydomain.net and would forward all future packets to 192.168.1.3. I guess that's a bit of a hack, and I'm running on incomplete knowledge of all the protocols to create this theory.

----- Original Message -----
From: "timmy" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 15, 2002 11:33 AM
Subject: Re: (clug-talk) IP aliasing

> On Thu, 15 Aug 2002 10:07:42 +0000, Richard Jenniss wrote:
>
> >Say I have my Telus IP 142.152.xxx.xxx with the hostname bshx21zy170iab.hsia.telus.net
> >I run BIND on that machine, can I bind it to another domain, say mydomain.net to bshx21zy170iab.hsia.telus.net
>
> Depends what you mean. Are you talking about reverse DNS or a PTR record, or are you talking about assigning a hostname to an IP address? You can log in to the Telus admin page for your IP addresses and specify the hostnames for your IP addresses (PTR records), but you can't control that on your server, Telus owns those IPs, so they maintain the reverse mappings.
>
> >From there is it possible to forward those domains to different hosts in my Private network so say www.mydomain.net will go
> >to 192.168.1.3
> >mail.mydomain.net will go to
> >192.168.1.4
> >and so on, with the like.
>
> That's basically what I need to do, but I don't think it can be done on a domainname/hostname basis. This is done by Extended PAT or NAT; i.e. any request coming into 142.152.34.65 on TCP port 80 is forwarded (PAT) back to 192.168.1.3.
> The host at 192.168.1.3 takes care of any host header translation/web requests. Also, you could make rules to say any request coming into 142.152.34.65 on port 25 or 110 is forwarded back to 192.168.1.4 (SMTP and POP3). This would work, as you're running different services on different machines internally, all coming into one public IP, and using PAT/NAT to handle where each port is forwarded to. However, if I had 2 web servers (port 80), I could not do this with one public IP. I would need 2, as you can only forward port 80 once for each IP, it won't work twice, the box would get confused. Hence, I would need 2 public IPs on the external interface of my routing device. This cannot be done on a Telus DSL connection, as these IPs would be coming from the same MAC address, Telus's system cannot accept these. I shouldn't say for sure this can't be done, I just don't know any way of doing it on the Telus system. When I asked them for help, they either didn't understand what I was talking about, or were not willing to help.
>
> >Would this be a possible solution in your situation timmy?
> >
> >On Thu, 15 Aug 2002 09:40:11 -0600
> >"timmy" <[EMAIL PROTECTED]> wrote:
> >
> >> No, this won't work. I can't put my whole IP block on the external interface of my Linux Box, it won't work. I can do what you suggested, no problem at all, but as for running an IP pool on the external interface, that's a no-go.
> >>
> >> On Thu, 15 Aug 2002 09:26:04 -0600, Kevin Anderson wrote:
> >>
> >> >This shouldn't matter at all.
> >> >
> >> >Plug your (dual-homed (2 Network Cards)) Linux box into the Telus connection, and plug a hub (or whatever) into the other NIC. Then plug all the PCs into the hub, and set them to use the Linux box as their default gateway. The Linux box will do NAT, and there will only be 1 MAC on the Telus side anyway.
> >> >The Linux box will receive requests from the clients, strip out their MAC & IP, replace it, and send the packet to the next hop. My Guess is that this is already happening for you. Your firewall will look after all of it.
> >> >
> >> >Kev.
> >> >
> >> >----- Original Message -----
> >> >From: "timmy" <[EMAIL PROTECTED]>
> >> >To: <[EMAIL PROTECTED]>
> >> >Sent: Saturday, August 10, 2002 11:56 AM
> >> >Subject: (clug-talk) IP aliasing
> >> >
> >> >> Anyone here have any experience with IP aliasing? I had a couple of clients on cadvision, and I had built firewalls for their DMZ. I ran IPTABLES and had configured the boxes with IP aliasing, so all of the IPs in the /29 Cadvision provided were on the external interface of the firewall. I just did simple NAT/PAT to manage the services on the servers behind the firewall. Now, with Telus, this, to the best of my knowledge, is no longer possible. You have to register a unique MAC for each IP address you are using. Seeing as how all of the IPs would return the same MAC, this is not possible on Telus's system. Does anyone have a solution for this, or do I have to: a) run the servers with no firewall, or b) build a separate firewall for each machine? Maybe there are other options, but I'm not sure of what they might be. I did phone Telus tech support, and they of course were no help; they basically told me to either go find another provider, or switch to their $1500/mo fibre service.
> >> >>
> >> >> What I don't understand is how they expect customers to run a network properly in this kind of situation. If someone is running a Cisco PIX, or a Watchdog Firewall, which can both be configured with "IP Pools" on the external interface, what happens to their configurations?
> >> >> I basically had to reconfigure the whole network in order to get things to work properly with the new Telus service, not to mention the barrage of other problems that arose from a bunch of dumb mistakes on their end. When I phoned and asked for support, I was pretty much led to believe they did not care one way or another if my service was working. Has it come down to that with Telus? It seems that they have gotten so big, with so many customers, they just don't care about a few people that might be more than a little upset over the whole ordeal, so they'd just as soon lose them as customers. What's it to them after all? They've got hundreds of thousands of customers, what's the big deal about losing a few? That is not good business. I work for an ISP here in town, TeraGo Networks, and we've currently got about 600 customers nationwide. That's mouse nuts compared to what Telus or Shaw has, but at least I take pride in knowing I care about our customer base, no matter how small or how large the company ends up getting.
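
Added example, not part of any message in this thread: a Python sketch of the distinction the discussion turns on. Port forwarding (PAT) sees only the destination IP and port, while an HTTP/1.1 request names the site in its Host header, so two web servers can share one public IP only if something listening on port 80 reads that header. The hostname map, shop.mydomain.net and 192.168.1.5 are constructed for illustration.

```python
# Constructed tables: the port rules mirror the thread, the vhost map is hypothetical.
PAT = {25: "192.168.1.4", 110: "192.168.1.4"}      # port-only forwarding (SMTP, POP3)
VHOSTS = {"www.mydomain.net": "192.168.1.3",
          "shop.mydomain.net": "192.168.1.5"}       # hypothetical second web server
DEFAULT_WEB = "192.168.1.3"


def host_from_request(head: bytes):
    """Return the lowercased Host value without its port, or None if absent.

    Raises ValueError on duplicate Host headers, which a front end should
    reject rather than guess between.
    """
    lines = head.split(b"\r\n\r\n", 1)[0].split(b"\r\n")[1:]  # skip request line
    hosts = []
    for line in lines:
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            hosts.append(value.strip().decode("ascii", "replace").lower())
    if len(hosts) > 1:
        raise ValueError("duplicate Host header")
    if not hosts:
        return None                      # e.g. an HTTP/1.0 client
    host = hosts[0]
    if host.startswith("["):             # IPv6 literal such as [::1]:80
        return host[: host.find("]") + 1]
    return host.rsplit(":", 1)[0] if ":" in host else host


def pick_backend(dst_port: int, first_bytes: bytes = b"") -> str:
    """Decide the internal target for a connection to the single public IP."""
    if dst_port in PAT:                  # layer 4: only IP and port are visible
        return PAT[dst_port]
    if dst_port == 80:                   # layer 7: the name is inside the request
        return VHOSTS.get(host_from_request(first_bytes), DEFAULT_WEB)
    raise LookupError(f"no forwarding rule for port {dst_port}")
```

A request with no Host header or an unknown name falls back to the default web server, which is the same behaviour a single port-80 forward gives.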
