# Host based routing..



## HJess (Sep 20, 2009)

Hi all,

I'm couriers - is is possible to make a host based routing whit ipfw or similar? 

I know that this would be difficult specially while I only have one public IP. 

Best regards
 Henrik Nielsen


----------



## SirDice (Sep 20, 2009)

Typically firewalls don't route anything. It's the routing tables that dictate where traffic is routed too.


----------



## DutchDaemon (Sep 20, 2009)

You can boot with static routes by using route statements in rc.conf.
route(8)
rc.conf(5), search for 'static_routes'


----------



## HJess (Sep 20, 2009)

sorry.. i ment natd

regarding the use of the route (8) the problem is how to route from a specific host? - It's quite easy to route from a given public IP to a local ip etc etc, but my problem is I only have one public IP and looking for a method to route on hosted based..

The issue is .. i need somehow to do this..

<Internet> /----/ <Domain> /---/ 192.168.1.1
<Internet> /----/ <Sub. Domain><Domain>  /---/ 192.168.2.1

The problem is that I dont have a spare IP for the subdomain, so I'm looking for a way for forward the requests to another local IP..


----------



## Alt (Sep 20, 2009)

Its not exactly what you asking for, but you can try to use 'nginx' proxying webserver (www/nginx) - its really easy with it.


----------



## HJess (Sep 20, 2009)

Hi alt,

The issue is that it's all the services i want to do.. ircd,smtp,www etc etc..

Its really not proxy related, as I'm talking about different servers and different hosts.


----------



## DutchDaemon (Sep 20, 2009)

With only one public IP you can only redirect one service to one internal host, so public_ip:25 -> internal_ip_1:25, and public_ip:80 -> internal_ip2:80. One service, one host. Jails typically work this way, but also setups with several internal servers on a DMZ/LAN. If you have two smtp servers you're out of luck. You can only attach one to public_ip:25 (well, you could do something with round-robin routing I guess).

You can run several physical webservers behind a single port 80, but you'd need a reverse proxy like Squid or nginx to differentiate between the different Hosts being requested.


----------



## aragon (Sep 20, 2009)

What you're asking for is impossible.  You need another IP address or you have to resort to using non-standard ports.


----------



## HJess (Sep 20, 2009)

DutchDaemon said:
			
		

> With only one public IP you can only redirect one service to one internal host, so public_ip:25 -> internal_ip_1:25, and public_ip:80 -> internal_ip2:80. One service, one host. Jails typically work this way, but also setups with several internal servers on a DMZ/LAN. If you have two smtp servers you're out of luck. You can only attach one to public_ip:25 (well, you could do something with round-robin routing I guess).
> 
> You can run several physical webservers behind a single port 80, but you'd need a reverse proxy like Squid or nginx to differentiate between the different Hosts being requested.



Thanks for the help! 
I will try to look into round-robin but as told, I think I'm up to a impossible task (specially when looking into reserve ip)..


----------

