Home gateway router that supports host headers?

[bsobel]

I've got a couple of mini web servers sitting behind my home gateway (panasonic cameras, some home control systems, etc). Today I'm using Microsoft ISA to reverse proxy the sites based on host header, however I'd like to kill the ISA machine (or be able to at will). Does anyone know of one of the gateway/router boxes that supports not just 'forward port 80 to xxx' but rather 'forward http to xxx based on host header'?

Thanks,
Bill

 

[skyking]

Your own DNS server?

 

[bsobel]

Originally posted by: skyking
Your own DNS server?

Huh? I only have one ip to use, so I have to route the requests via host headers.
Bill

 

[Buddha Bart]

not even most load balancers do that, you're gonna drop a pretty penny on something that can.

[edit]took out a part where i wasn't thinking straight[/edit]
bart

 

[bsobel]

Well, I'm not (yet) worried about the cost, I'm just trying to find something that even does it.
Bill

 

[Buddha Bart]

http://www.cisco.com/en/US/products/hw/contnetw/ps792/index.html

I dont know if this is the lowest-end thing that offers it, just one I found.

[edit]jeepers![/edit]



bart

 

[Buddha Bart]

this could probably do it too:
http://www.zeus.com/products/zlb/

bart

 

[Garion]

What you really need is a reverse proxy. ISA does it, yeah, but it doesn't sound like what you want. I'd recommend looking at either Squid or Apache proxy servers - Both should do what you need. Very complex config and setup, however.

- G

 

[bsobel]

Originally posted by: Garion
What you really need is a reverse proxy. ISA does it, yeah, but it doesn't sound like what you want. I'd recommend looking at either Squid or Apache proxy servers - Both should do what you need. Very complex config and setup, however.
- G

I'm already running ISA, I mainly wanted to put this into a hardware appliance since I'm running a server just to do the reverse proxy (seems like a waste). If I used squid or apache (or delegate), I'd have the same issue... I figured at least one of these devices has to do this now a days, perhaps not?

Bill

 

[Garion]

In that case, your best bet is to probably setup forwarding on different TCP ports for each of your servers - Camera #1 goes on port 81, cam #2 on 82, etc. then use the port forwarding capacity of your router to send the traffic to port 80 on the webserver. A bit more difficult to use, but it's the only way that I know of to do it with the appliance solution, unless you want to spend big $$$ on a real load balancer or use a reverse proxy app.

- G

 

[bsobel]

Originally posted by: Garion
In that case, your best bet is to probably setup forwarding on different TCP ports for each of your servers - Camera #1 goes on port 81, cam #2 on 82, etc. then use the port forwarding capacity of your router to send the traffic to port 80 on the webserver. A bit more difficult to use, but it's the only way that I know of to do it with the appliance solution, unless you want to spend big $$$ on a real load balancer or use a reverse proxy app.

If only it was that easy My work network is restrictive (we are a security company) so for http only 80 is open, so I wouldn't be able to reach the cameras on 81,82,etc (hence why I went originally with ISA). I might need to just break down a buy a set of external ip's, if I go that route whats a good box that will allow for external/internal name mapping/routing? (the box I have now only supports one external ip)

Bill

 

[Need4Speed]

let me see if i get what you mean...you have one external IP and want to host multiple domains behind a router? right?

i dont see what so hard about this...apache can do name based virtual servers out of the box and its a piece of cake to setup. here is an example of what the conf file would look like:

NameVirtualHost 192.168.0.100 <--- Internal IP of where apache is sitting

<VirtualHost mydomain0.com>
ServerAdmin webmaster@mydomain0.com
DocumentRoot /opt/apache/htdocs/mydomain0/
ServerName mydomain0.com
ErrorLog logs/www.mydomain0.com-error_log
CustomLog logs/www.mydomain0.com-access_log common
</VirtualHost>

<VirtualHost mydomain1.com>
ServerAdmin webmaster@mydomain1.com
DocumentRoot /home/devel/test/apache/htdocs/mydomain1/
ServerName mydomain1.com
ErrorLog logs/www.mydomain1.com-error_log
CustomLog logs/www.mydomain1.com-access_log common
</VirtualHost>

<VirtualHost mydomain2.com>
ServerAdmin webmaster@mydomain2.com
DocumentRoot /opt/apache/htdocs/mydomain2/
ServerName mydomain2.com
ErrorLog logs/www.mydomain2.com-error_log
CustomLog logs/www.mydomain2.com-access_log common
</VirtualHost>

You could use some redirection to send one of these domains to another box.

 

[bsobel]

i dont see what so hard about this...apache can do name based virtual servers out of the box and its a piece of cake to setup. here is an example of what the conf file would look like:

N4S, nothing is hard about this if I dedicate a machine to it (that is what I'm doing today). What I would like to do is be able to turn off the machine and let a gateway router box do the work (since I need to have the gateway router turned on all the time anyway). This is purely a power savings question, I figure the gateway device would be much more energy efficent than the quad server I have running 24/7 doing the routing

Bill

 

[Need4Speed]

true true..though i would think that an old p90 or so wont use that much power when compared to the cost of a router that can perform this task

 

[n0cmonkey]

There are low end almost embedded Linux machines out there that could probably handle squid or Apache. They wont be as energy efficient as one of those cheesy home routers, but they could work. And I wouldnt really call RipTech a security company

 

[bsobel]

Originally posted by: n0cmonkey
There are low end almost embedded Linux machines out there that could probably handle squid or Apache. They wont be as energy efficient as one of those cheesy home routers, but they could work.

Good point, I'll search around.

And I wouldnt really call RipTech a security company

Oh, and what would you call it? So your saying I shouldn't have bought them?

Bill

 

[n0cmonkey]

Originally posted by: bsobel

Originally posted by: n0cmonkey
There are low end almost embedded Linux machines out there that could probably handle squid or Apache. They wont be as energy efficient as one of those cheesy home routers, but they could work.

Good point, I'll search around.

And I wouldnt really call RipTech a security company

Oh, and what would you call it?

Bill

Im just joking with you. I almost interviewed there, but I didnt want to drive to Arlington every day. This was a couple of months before the buy-out. I worked for one of their competitors, so speaking poorly about RipTech comes naturally