> Two options here, which may or may not be practical depending on your IP > configuration... > 1) Bind the addresses to the web servers and route to them. Use ipchains on > the firewall for access control > 2) Bind the addresses to the firewall and port forward relevant requests to > the internal/DMZ web servers
another possibility may be: 3) Swap the domains to name based vhosts, CNAME or A them to the firewalls external interface and port forward 80/tcp to the web server in the DMZ. Thus any new hostings can be done by configuring a vhost and adding a new CNAME/A record. No messing around with ip aliasing. cheers, Chris -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
