Question

Recently, I bought a domain name at www.active-domain.com. I use it for my home network, so we're talking about NAT and dynamic IP. As my IP is dynamic, I can't create a delegation to use my own DNS server. active-domain acts as the DNS server, so I can only create A, CNAME, URL Redirect, URL Frame and TXT records.

That said, here's my question: as I am behind a NAT, is it possible to create several hosts behind the same IP?

Example:
I want srv1.mydomain.com to point to 192.168.0.101 in my network.
I want srv2.mydomain.com to point to 192.168.0.102 in my network.
But from the outside, both point to (example) 74.0.0.1.

In short:
srv1.mydomain.com -> 74.0.0.1 -> 192.168.0.101
srv2.mydomain.com -> 74.0.0.1 -> 192.168.0.102

Thanks.


Solution

In any case, outside DNS for yourhost.example.com and anotherhost.example.net will point at the firewall's external address (IN A 74.0.0.1 here), or at the firewall's hostname (e.g. IN CNAME yourfirewall.example.org.).

Note however that DNS (domain name to IP address resolution) happens separately from connection handling and routing. What this means:

  • the client computer, when faced with a DNS hostname, will try to look it up - e.g. it asks its local DNS server, "who is yourhost.example.com"; the DNS server replies "74.0.0.1".
  • as far as the IP stack is concerned, this is the last time the hostname is used; from now on, the client operates with the address only.
  • the client opens a connection to the address and a port; however, the incoming packets are only marked "for computer at address 74.0.0.1", without any indication of "what DNS name was used to get that address, if any".

Some protocols (such as HTTP) might use the hostname in the data part of the packet (with HTTP, it's the Host: header), but not every protocol does this. These are the possibilities:

  • If you have two servers which will run on different ports, this is not really a problem: I refer you to the Q&A on port forwarding on SuperUser.

  • If you need to run two servers on the same port, this becomes difficult, if not impossible: it may be possible to reverse-proxy the traffic (and separate the data for one server from data for the other); if the protocol in question doesn't do this (e.g. SMTP or SSH), you're pretty much SOL.

    • Specifically, if your intent is to direct traffic to two different HTTP servers (both on port 80), you'll need to run some sort of reverse proxy at your firewall (74.0.0.1). With Apache, the simplest config might look a bit like this:

# Requires mod_proxy and mod_proxy_http to be loaded.
# Apache picks the VirtualHost whose ServerName matches the request's Host: header.
<VirtualHost *:80>
    ServerName yourhost.example.com
    ProxyPass / http://192.168.0.101/
    ProxyPassReverse / http://192.168.0.101/
</VirtualHost>
<VirtualHost *:80>
    ServerName anotherhost.example.net
    ProxyPass / http://192.168.0.102/
    ProxyPassReverse / http://192.168.0.102/
</VirtualHost>
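The selection step a reverse proxy performs on the Host: header, as an added Python example (not part of the original answer, and not Apache's own code). It refuses anything it cannot map unambiguously: non-HTTP traffic such as an SSH banner, unknown hostnames, and missing or duplicated Host headers. The function names are hypothetical, the hostnames and backend addresses are the ones from the config above, and IPv6 literals in Host are not handled.

```python
from typing import Optional, Tuple

# Hostnames and backend addresses from the answer's Apache config.
BACKENDS = {
    "yourhost.example.com": ("192.168.0.101", 80),
    "anotherhost.example.net": ("192.168.0.102", 80),
}

def host_from_request(head: bytes) -> Optional[str]:
    """Return the normalized Host header value, or None if none is usable."""
    lines = head.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    parts = lines[0].split(b" ")  # expected shape: b"GET / HTTP/1.1"
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/1."):
        return None  # not HTTP (e.g. an SSH banner): no hostname on the wire
    hosts = []
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep and name.lower() == b"host":
            hosts.append(value.strip())
    if len(hosts) != 1:
        return None  # missing or duplicated Host header is ambiguous: refuse
    try:
        host = hosts[0].decode("ascii").lower()
    except UnicodeDecodeError:
        return None
    # Drop an optional ":port" suffix and a trailing dot.
    host = host.rsplit(":", 1)[0] if ":" in host else host
    return host.rstrip(".") or None

def pick_backend(head: bytes) -> Optional[Tuple[str, int]]:
    """Map the first bytes of a connection to a backend, or None to refuse."""
    host = host_from_request(head)
    return BACKENDS.get(host) if host else None

if __name__ == "__main__":
    # Constructed sample inputs, for illustration only.
    samples = [
        b"GET / HTTP/1.1\r\nHost: yourhost.example.com\r\n\r\n",
        b"GET / HTTP/1.1\r\nHost: AnotherHost.Example.NET:80\r\n\r\n",
        b"GET / HTTP/1.1\r\nHost: 74.0.0.1\r\n\r\n",  # bare IP, no vhost
        b"SSH-2.0-OpenSSH_9.6\r\n",                   # protocol with no hostname
    ]
    for s in samples:
        print(s.split(b"\r\n", 1)[0], "->", pick_backend(s))
```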

Licensed under: CC-BY-SA with attribution