Consumer broadband routers generally have a simple port forwarding table. One can set HTTP port 80 to a particular IP address behind the router that is the web server. However, I am increasingly seeing the need (not just for myself) to maintain multiple web servers. Assigning different port numbers just ain't elegant and firewall friendly.
I was wondering if there is such a little appliance product that can sit in the network, and simply gets forwarded all the incoming port 80 traffic. It would then inspect the host header and push it to the actual web server accordingly.
The melody of logic will always play out the truth. ~ Narumi Ayumu, Spiral
http://technet.microsoft.com/en-us/library/cc302483.aspx
ISA can be installed in a workgroup mode.
I'm using ISA for this now, but mine is not in workgroup, but joined to domain...
Best Regards, Kit Kai, MVP (SharePoint Portal Server)
Based on a walkthrough with KitKai, I have setup Windows 2003 and ISA Server 2006 on an old laptop. Single ethernet port. ISA Server has a network template for Single Network Adapter, which recognises that the server can be placed unobstrusively in the network. As the name suggests, it does not require two network adapters to act as a gateway between internal and external networks; it just sits within the internal network behind the DSL modem/router.
Now the router forwards all port 80 traffic to the ISA Server, with is listed with published-site rules in the firewall to forward to the appropriate hostname/IP address in the internal network, based on the http Host Header. The catch here is I have to set the Proxy requests to published site setting to Requests appear to come from the ISA Server computer instead of Requests appear to come from the original client. I figure since this is a single-network-adapter setup and not a hard gateway, the web servers need to respond back to ISA Server first before routing back to the router and out to the Internet clients. Otherwise, it would immediately try to send response packets direct to the router, bypassing ISA Server.
This has been more complicated than I envisioned (just wanted a simple black-box appliance), but I got a workable solution now.
maybe Squid reverse proxy can work for you: http://www.visolve.com/squid/whitepapers/reverseproxy.php
http://devpinoy.org/blogs/cruizer
No I am not looking for a web caching server solution. Merely a node to redirect the HTTP packet based on host header.
I was previously trying to setup a dedicated-server edition of Untangle but have been failing on both virtual and physical installation attempts. Now I am reburshing an old winXP system to run the Windows copy to see how it works.
UPDATE
The windows-based installation is actually VMware Player running a Linux instance (for the Untangle OS). That completely chokes the old winXP system running on my old laptop too. I tried to look at ISA Server, which has been rebranded into Forefront Security server, and installed win2003 on the laptop. After messing around with all the prerequisite installations, I then get inform it needs Active Directory domain. Bah.
I went back to Untangle by installing VMware server 2.0 onto my original server. This time installing a virtual machine presents no problems that Virtual Server 2005 and Virtual PC 2007 were encountering. While I was able to install all the way through and had Untangle up and running, there unfortunately appears to no HTTP host header routing capability in the configuration or application packages available. Either I am missing something, or have been deceived.
Basic routers normally handle layer 3 IP and ports redirection. Either public IP to private IP translation or based on public port to private IP and port translation.
To look into the header of the packet and redirection to your preference, you need a content application to do the job.
Reverse Proxy - Squid should be handled it.
Check out the link: http://wiki.squid-cache.org/SquidFaq/ReverseProxy
>>Example mapping different host names to different peers:
www.example.com -> server 1 example.com -> server 1 download.example.com -> server 2 .example.net -> server 2
>>
you'll also have to make use of split DNS (names resolve differently depending on whether you are inside the private LAN or not). for example, www.example.com, example.com, download.example.com and example.net should all resolve to the external IP of the router, but within the LAN www.example.com and example.com should both resolve to the internal IP of server 1 and download.example.com and example.net should resolve to the internal IP of server 2.
The copy I used was the merged edition of ForeFront Security. I think have to dig back to the older stand-alone ISA Server. But then again, still sounds like overkill. Squid (for Windows) appears to be a less bloated approach, but I will need to set aside a block of time to learn how to configure and operate that.
Squid sounds like an overkill to me, if you need to spend lots of time learning to configure that piece of software.
I have ISA as seperate.
Squid vs ISA
which is the simpler software approach?
Round One. Fight!
you're probably more familiar with ISA. if so use that :) personally I have more Linux/Squid experience so I'll choose that