forward port 80 for multiple IP addresses on the same Ubuntu server
I am using an Ubuntu 12.10 server as a router/NAT for an internal network to the internet. I have also configured the server to forward port 80 to a server sitting on my internal network. This all works fine.
What I would like to do now is setup additional port forwarders to addition web servers using port 80 on my network. I have several other static internet addresses I can use externally and just need to setup forwarding to the local servers.
I know I could just create additional Ubuntu servers, configuring each of them with different internet addresses (as well as local addresses on a 2nd NIC) and setting up port forwarding.
Is this possible to do with a single Ubuntu server?
I tried adding more virtual NICs to my single Ubuntu server but ran into routing problems since all these additional NICs were on the same internet subnet.
Is setting up individual ubuntu servers for each port forward I wish to do the only way to accomplish this?
routing port-forwarding nat
asked Feb 5 '13 at 0:04
user127875user127875
3925
bumped to the homepage by Community♦ 5 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I am using an Ubuntu 12.10 server as a router/NAT for an internal network to the internet. I have also configured the server to forward port 80 to a server sitting on my internal network. This all works fine.
What I would like to do now is setup additional port forwarders to addition web servers using port 80 on my network. I have several other static internet addresses I can use externally and just need to setup forwarding to the local servers.
I know I could just create additional Ubuntu servers, configuring each of them with different internet addresses (as well as local addresses on a 2nd NIC) and setting up port forwarding.
Is this possible to do with a single Ubuntu server?
I tried adding more virtual NICs to my single Ubuntu server but ran into routing problems since all these additional NICs were on the same internet subnet.
Is setting up individual ubuntu servers for each port forward I wish to do the only way to accomplish this?
routing port-forwarding nat
asked Feb 5 '13 at 0:04
user127875user127875
3925
bumped to the homepage by Community♦ 5 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I am using an Ubuntu 12.10 server as a router/NAT for an internal network to the internet. I have also configured the server to forward port 80 to a server sitting on my internal network. This all works fine.
What I would like to do now is setup additional port forwarders to addition web servers using port 80 on my network. I have several other static internet addresses I can use externally and just need to setup forwarding to the local servers.
I know I could just create additional Ubuntu servers, configuring each of them with different internet addresses (as well as local addresses on a 2nd NIC) and setting up port forwarding.
Is this possible to do with a single Ubuntu server?
I tried adding more virtual NICs to my single Ubuntu server but ran into routing problems since all these additional NICs were on the same internet subnet.
Is setting up individual ubuntu servers for each port forward I wish to do the only way to accomplish this?
routing port-forwarding nat
asked Feb 5 '13 at 0:04
user127875user127875
3925
I am using an Ubuntu 12.10 server as a router/NAT for an internal network to the internet. I have also configured the server to forward port 80 to a server sitting on my internal network. This all works fine.
What I would like to do now is setup additional port forwarders to addition web servers using port 80 on my network. I have several other static internet addresses I can use externally and just need to setup forwarding to the local servers.
I know I could just create additional Ubuntu servers, configuring each of them with different internet addresses (as well as local addresses on a 2nd NIC) and setting up port forwarding.
Is this possible to do with a single Ubuntu server?
I tried adding more virtual NICs to my single Ubuntu server but ran into routing problems since all these additional NICs were on the same internet subnet.
Is setting up individual ubuntu servers for each port forward I wish to do the only way to accomplish this?
routing port-forwarding nat
routing port-forwarding nat
asked Feb 5 '13 at 0:04
user127875user127875
3925
asked Feb 5 '13 at 0:04
user127875user127875
3925
asked Feb 5 '13 at 0:04
user127875user127875
3925
asked Feb 5 '13 at 0:04
user127875user127875
3925
asked Feb 5 '13 at 0:04
user127875user127875
3925
3925
bumped to the homepage by Community♦ 5 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 5 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
What you are asking to do is not possible (that I know of) with NAT. There is really no way for iptables to know where to send what traffic and you can port forward only one instance of post 80.
Imo am more elegant solution is to use nginx as a reverse proxy.
See:
https://help.ubuntu.com/community/Nginx/ReverseProxy
http://bostinno.com/channels/nginx-as-a-reverse-proxy-with-wordpress/
It works well as nginx is fast, light weight, and you can forward to your various servers based on url ;)
Nginx serves out the static content very fast and apache serves out the dynamic content (usually php) very fast (see the second link).
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
add a comment |
if you've got specific external ips for specific internal http servers you can use iptables for NATing to the right one, like this.
Lets supose you've got a inner http servers with ips 10.10.10.2, 10.10.10.3 and 10.10.10.4
and everytime the external ip 50.35.100.10 calls port 80 you want it to go to the 10.10.10.2 server so you use the DNAT rule like this
iptables -t nat -A PREROUTING -i eth0 -s 50.35.100.10 -p tcp --dport 80 -j DNAT --to 10.10.10.2
and the rules keep the same for other. Now if you have no specifications like this, as bodhi.zazen said before, there is no way to do it with iptables only.
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f251431%2fforward-port-80-for-multiple-ip-addresses-on-the-same-ubuntu-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
What you are asking to do is not possible (that I know of) with NAT. There is really no way for iptables to know where to send what traffic and you can port forward only one instance of post 80.
Imo am more elegant solution is to use nginx as a reverse proxy.
See:
https://help.ubuntu.com/community/Nginx/ReverseProxy
http://bostinno.com/channels/nginx-as-a-reverse-proxy-with-wordpress/
It works well as nginx is fast, light weight, and you can forward to your various servers based on url ;)
Nginx serves out the static content very fast and apache serves out the dynamic content (usually php) very fast (see the second link).
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
add a comment |
What you are asking to do is not possible (that I know of) with NAT. There is really no way for iptables to know where to send what traffic and you can port forward only one instance of post 80.
Imo am more elegant solution is to use nginx as a reverse proxy.
See:
https://help.ubuntu.com/community/Nginx/ReverseProxy
http://bostinno.com/channels/nginx-as-a-reverse-proxy-with-wordpress/
It works well as nginx is fast, light weight, and you can forward to your various servers based on url ;)
Nginx serves out the static content very fast and apache serves out the dynamic content (usually php) very fast (see the second link).
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
add a comment |
What you are asking to do is not possible (that I know of) with NAT. There is really no way for iptables to know where to send what traffic and you can port forward only one instance of post 80.
Imo am more elegant solution is to use nginx as a reverse proxy.
See:
https://help.ubuntu.com/community/Nginx/ReverseProxy
http://bostinno.com/channels/nginx-as-a-reverse-proxy-with-wordpress/
It works well as nginx is fast, light weight, and you can forward to your various servers based on url ;)
Nginx serves out the static content very fast and apache serves out the dynamic content (usually php) very fast (see the second link).
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
What you are asking to do is not possible (that I know of) with NAT. There is really no way for iptables to know where to send what traffic and you can port forward only one instance of post 80.
Imo am more elegant solution is to use nginx as a reverse proxy.
See:
https://help.ubuntu.com/community/Nginx/ReverseProxy
http://bostinno.com/channels/nginx-as-a-reverse-proxy-with-wordpress/
It works well as nginx is fast, light weight, and you can forward to your various servers based on url ;)
Nginx serves out the static content very fast and apache serves out the dynamic content (usually php) very fast (see the second link).
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
answered Feb 5 '13 at 0:12
PantherPanther
78.8k14157259
78.8k14157259
add a comment |
add a comment |
if you've got specific external ips for specific internal http servers you can use iptables for NATing to the right one, like this.
Lets supose you've got a inner http servers with ips 10.10.10.2, 10.10.10.3 and 10.10.10.4
and everytime the external ip 50.35.100.10 calls port 80 you want it to go to the 10.10.10.2 server so you use the DNAT rule like this
iptables -t nat -A PREROUTING -i eth0 -s 50.35.100.10 -p tcp --dport 80 -j DNAT --to 10.10.10.2
and the rules keep the same for other. Now if you have no specifications like this, as bodhi.zazen said before, there is no way to do it with iptables only.
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
add a comment |
if you've got specific external ips for specific internal http servers you can use iptables for NATing to the right one, like this.
Lets supose you've got a inner http servers with ips 10.10.10.2, 10.10.10.3 and 10.10.10.4
and everytime the external ip 50.35.100.10 calls port 80 you want it to go to the 10.10.10.2 server so you use the DNAT rule like this
iptables -t nat -A PREROUTING -i eth0 -s 50.35.100.10 -p tcp --dport 80 -j DNAT --to 10.10.10.2
and the rules keep the same for other. Now if you have no specifications like this, as bodhi.zazen said before, there is no way to do it with iptables only.
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
add a comment |
if you've got specific external ips for specific internal http servers you can use iptables for NATing to the right one, like this.
Lets supose you've got a inner http servers with ips 10.10.10.2, 10.10.10.3 and 10.10.10.4
and everytime the external ip 50.35.100.10 calls port 80 you want it to go to the 10.10.10.2 server so you use the DNAT rule like this
iptables -t nat -A PREROUTING -i eth0 -s 50.35.100.10 -p tcp --dport 80 -j DNAT --to 10.10.10.2
and the rules keep the same for other. Now if you have no specifications like this, as bodhi.zazen said before, there is no way to do it with iptables only.
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
if you've got specific external ips for specific internal http servers you can use iptables for NATing to the right one, like this.
Lets supose you've got a inner http servers with ips 10.10.10.2, 10.10.10.3 and 10.10.10.4
and everytime the external ip 50.35.100.10 calls port 80 you want it to go to the 10.10.10.2 server so you use the DNAT rule like this
iptables -t nat -A PREROUTING -i eth0 -s 50.35.100.10 -p tcp --dport 80 -j DNAT --to 10.10.10.2
and the rules keep the same for other. Now if you have no specifications like this, as bodhi.zazen said before, there is no way to do it with iptables only.
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
answered Apr 26 '14 at 12:14
novaisjpnovaisjp
22
22
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f251431%2fforward-port-80-for-multiple-ip-addresses-on-the-same-ubuntu-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
