[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mail and Web server with the same IP on different machines

To: Nick Holland <nick@holland-consulting.net>,"Misc @OpenBSD" <misc@openbsd.org>
Subject: Re: Mail and Web server with the same IP on different machines
From: Diego Rodrigo Neufert <diego@magicwebdesign.com.br>
Date: Wed, 24 Jan 2001 09:27:08 -0200
Organization: Magic Web Design
References: <01012317401807.01138@belzebu.magicwebdesign.com.br> <3A6E1554.E9D99DA3@holland-consulting.net>

I dont want to use NAT because with it I need to be changing the firewall 
machine every time. 

Want I want to do is this:
Firewall - no IP. it's a bridge
Mail Server - x.x.x.5
Web Server x.x.x.6-255 ( it's because I have a lot of domains here)


Put a firewall (2 NICs) machine with bridge to hide the firewall from the 
world,
Any packet passing trought the firewall NICs with a destination to 
x.x.x.6-255 on port 110 or 25 get redirected to x.x.x.5

*Note that the packet to be redirected dont need to have their destination 
pointing to a NIC on the firewall machine, any packet passing troght the 
bridge should be redirected....

If it's not clear just ask me more....


Thanks


On Tuesday 23 January 2001 09:35 pm, Nick Holland wrote:
> Two ways I can think of (o.k., one way with a minor variant) :
>
> 1) Use a third OpenBSD box as a "firewall" system, use IPNAT to route
> the mail traffic to the mail machine, and the web traffic to the web
> machine (using rdr).
>
> 2) Put (for example) the mail server directly on the 'net, and use
> IPNAT (and rdr) on that box to route web traffic to another machine
> attached via a second NIC.
>
> Using rdr options with ipnat allow you to route packets addressed to
> certain ports to certain machines behind the NAT.  See the Networking
> FAQ for more info.
>
> If the machines are really so heavily loaded that you need two
> machines, you would probably prefer the first option.  Another
> advantage is that you can do major maintenance (i.e., take it down) on
> either server without affecting the other.
>
> Nick.
>
> Diego Rodrigo Neufert wrote:
> > Hi,
> >
> > I want to separate my mail and web servers on two diferent machines but I
> > cant give another IP addr to the mail server because I have lots of
> > domains here and my statistics system need the booth IPs (Web and Mail)
> > to be the same.
> >
> > I have a clue on this in linux with Advanced Routing....
> >
> > Any ideas to do this in OBSD?
> >
> > --
> > Diego Rodrigo Neufert
> > Webmaster / Web Developer - Magic Web Design
> > -----------------------------------------------------------
> > diego@magicwebdesign.com.br
> > www.magicwebdesign.com.br
> > Curitiba - PR - Brasil

-- 
Diego Rodrigo Neufert
Webmaster / Web Developer - Magic Web Design
-----------------------------------------------------------
diego@magicwebdesign.com.br
www.magicwebdesign.com.br
Curitiba - PR - Brasil

Follow-Ups:
- Re: Mail and Web server with the same IP on different machines
  - From: Nick Holland <nick@holland-consulting.net>

References:
- Mail and Web server with the same IP on different machines
  - From: Diego Rodrigo Neufert <diego@magicwebdesign.com.br>
- Re: Mail and Web server with the same IP on different machines
  - From: Nick Holland <nick@holland-consulting.net>

Prev by Date: Mobile IP for OpenBSD
Next by Date: Re: OBSD is fast!
Prev by thread: Re: Mail and Web server with the same IP on different machines
Next by thread: Re: Mail and Web server with the same IP on different machines
Index(es):
- Date
- Thread