Virtualhost witj multiple IP ?

Virtualmin
1

Hi,

Well, I don’t know if it’s the right subject name but I will explain my problem.
Everything works fine with my Virtualmin (thanks to you guys, very very happy).
Here is my network:
INTERNET
     |
     v
Router (public IP: 122.122.122.122)
     |
     |--------------------------------------------------------------------
     |                                                   |                                                              |
     v                                                   v                                                             v
Server (192.168…1.251)                 Computer1 (192.168.1.100)          Computer2 (192.168.1.101)

Well, nothing special: I can access to the websites of my server using the local hosts file of windows from each local computer.
Now, I want to open my server to outside: I configured the router and one website, using the 8080 port: it works fine. The domain name is managed by another DNS server:

computer XX
     |
     | 1) search : subdomain.mydomain.com
     |
     v
INTERNET -------------> 2) go to the DNS server that manages the mydomain.com and give the IP
     |
     | 3) access to the server through the router
     v
Router (public IP: 122.122.122.122)
     |
     | 4) get the data OK
     |
     v  
Server (192.168…1.251)  

I have several websites into the local Server 192.168.1.251: I don’t want to add a new port for each of them?!
So, how can I do to reach the subdomainxx.mydomain.com (managed properly by the DNS that gives the IP) from OUTSIDE my local network?
I tried with the virtual interface but nothing works after my change, so I undid.
Thank you

PS: I am sure I didn’t understand something …
PSPS: here is the apache conf file snapshot:

<VirtualHost 192.168.1.251:80 122.122.122.122:80>
SuexecUserGroup “#501” “#501
ServerName subdomainxx.mylocaldomain.net
ServerAlias www.subdomainxx.mylocaldomain.net
ServerAlias webmail.subdomainxx.mylocaldomain.net
ServerAlias admin.subdomainxx.mylocaldomain.net
DocumentRoot /home/mylocaldomain/domains/subdomainxx.mylocaldomain.net/public_html
ErrorLog /var/log/virtualmin/subdomainxx.mylocaldomain.net_error_log

</VirtualHost>

2

Howdy,

So, how can I do to reach the subdomainxx.mydomain.com (managed properly by the DNS that gives the IP) from OUTSIDE my local network?

It sounds like you may be making it just a tad too complex :slight_smile:

Apache is designed to be able to do exactly what you’re trying to do… you should be able to serve as many domains as you want, using just one IP address and one port. It’s what Apache calls “Name based Virtual Hosting”.

You may want to take a peek here at the section named “the wrong site shows up”, as it explains how to make sure Virtualmin and Apache are both configured correctly to handle the fact that you’re behind a NAT router:

http://www.virtualmin.com/documentation/web/troubleshooting

Just yell if you have any additional questions that the above doesn’t explain :slight_smile:

-Eric

3

Yes, you are right: I modified the default IP adress for the virtual host and set the external IP address.
But it’s still not solved.
Explaination:
Local server (192.168.1.251) hosts a website: sub.mydomain.com
Everything is fine in localhost.

I am trying to open it to Internet:
Virtual Server Details:
Addresses 192.168.1.251:80 122.122.122.122:80

I already configured my router to route the IP packets to this server through this port 80.
I already configured my DNS record to point sub.mydomain.com to the external IP 122.122.122.122 (ping ok)
But when I tried to open the website from outside the local network, there’s nothing, just “Unable to connect”.

If I changed the port to 8080, it works!
http://sub.mydomain.com:8080 works!

So, I missed something no?

Yoong

4

Apache will never get to see your external address 122.122.122.122; your router will perform NAT (network address translation) and point all packets destined for its port 8080 to whereever in your LAN you configure it to go. So your Apache must use the LAN address, both in the VirtualHost directives and the Listen directives (in case you changed them).

Then it is just a matter of using the same LAN ports in your Apache and the port forwarding in your router, and you’re done.

Since your zones are served by external nameservers, you don’t even need to fiddle with that locally. Any (sub)domain names you have it point to 122.122.122.122 will work, on the same port, since Apache distinguishes the site being requested by an entry in the HTTP header (which - as Eric correctly pointed out - is called Name-based virtual hosts, as opposed to IP/port based).

Speaking about external nameserver: If you plan to host a lot of subdomains, you can save yourself some hassle by having your external domain name do a nameserver delegation to your Virtualmin, then have the router forward port 53 to that. When you then configure Vmin correctly, in terms of which IP addresses are to be used in zone files, it will set up DNS for your new subdomains automatically and you don’t need to do that for each subdomain on the external service.

5

Thank you but I am not really expert in Apache/DNS/Networking…
I mean I know how DNS works and how Apache handles a request but I don’t really know how to configure virtualmin/apache…
Somebody can help me?
What do you need to know?
I can post here my Virtualmin/Apache configuration and my router also.
Thank you

Yoong

6

For starters, just use Virtualmin to configure your server to use only your internal IP address, and forget all about that external stuff there. :slight_smile: Then configure your router to forward the external port you wish to use to your server, and configure your external DNS service to have the domain and subdomains point to your external IP.

7

but that’s what I did…
I reinitialized all the virtualhost to the default values.
Example:

SuexecUserGroup "#501" "#501" ServerName zylp.vanthink.net ServerAlias www.zylp.vanthink.net ServerAlias webmail.zylp.vanthink.net ServerAlias admin.zylp.vanthink.net DocumentRoot /home/vanthink/domains/zylp.vanthink.net/public_html ErrorLog /var/log/virtualmin/zylp.vanthink.net_error_log CustomLog /var/log/virtualmin/zylp.vanthink.net_access_log combined ScriptAlias /cgi-bin/ /home/vanthink/domains/zylp.vanthink.net/cgi-bin/ ScriptAlias /awstats/ /home/vanthink/domains/zylp.vanthink.net/cgi-bin/ DirectoryIndex index.html index.htm index.php index.php4 index.php5 Options -Indexes +IncludesNOEXEC ExecCGI +FollowSymLinks allow from all AllowOverride All

— Yoong Kim 03/08/2010: fast-cgi script to ensure that each script is processed

— with the user rights and not Apache rights (to avoid problem of access rights)

AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/vanthink/domains/zylp.vanthink.net/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/vanthink/domains/zylp.vanthink.net/fcgi-bin/php5.fcgi .php5

— End

allow from all

— Yoong Kim 03/08/2010: remove the default PHP files handler

RemoveHandler .php
RemoveHandler .php5

— End

RewriteEngine on RewriteCond %{HTTP_HOST} =webmail.zylp.vanthink.net RewriteRule ^(.*) https://zylp.vanthink.net:20000/ [R] RewriteCond %{HTTP_HOST} =admin.zylp.vanthink.net RewriteRule ^(.*) https://zylp.vanthink.net:10000/ [R] RemoveHandler .php RemoveHandler .php5 IPCCommTimeout 1001 Alias /dav /home/vanthink/domains/zylp.vanthink.net/public_html Alias /pipermail /var/lib/mailman/archives/public DAV On AuthType Basic AuthName zylp.vanthink.net AuthUserFile /home/vanthink/domains/zylp.vanthink.net/etc/dav.digest.passwd Require valid-user ForceType text/plain Satisfy All RemoveHandler .php RemoveHandler .php5 RewriteEngine off AuthName "zylp.vanthink.net statistics" AuthType Basic AuthUserFile /home/vanthink/domains/zylp.vanthink.net/.awstats-htpasswd require valid-user RedirectMatch /cgi-bin/mailman/([^/\.]*)(.cgi)?(.*) https://zylp.vanthink.net:10000/virtualmin-mailman/unauthenticated/$1.cgi$3 RedirectMatch /mailman/([^/\.]*)(.cgi)?(.*) https://zylp.vanthink.net:10000/virtualmin-mailman/unauthenticated/$1.cgi$3

This virtualhost works on local wthout any modification in the windows hosts file.
You can try: ping zylp.vanthink.net
it works on local host.
But from outside…
I already configured my router to redirect 80 port to my server and I stopped my iptables.
Still nothing.
What’s wrong?

Thank you

8

I guess we should start with network issues outside of Virtualmin’s scope.

--- zylp.vanthink.net ping statistics --- 53 packets transmitted, 27 received, 49% packet loss, time 52772ms rtt min/avg/max/mdev = 379.601/399.122/412.409/8.655 ms

There is massive packet loss and an excessively high response time when pinging that address, at least from my end of the world (attempt made from a fast and stable hoster in Germany). Also, that hostname does not resolve to “122.122.122.122”, but this:

[code]; <<>> DiG 9.7.0-P1 <<>> zylp.vanthink.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12575
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;zylp.vanthink.net. IN A

;; ANSWER SECTION:
zylp.vanthink.net. 14225 IN A 122.227.221.78

;; AUTHORITY SECTION:
vanthink.net. 86225 IN NS ns2.fastdomain.com.
vanthink.net. 86225 IN NS ns1.fastdomain.com.[/code]

You might want to check up on those issues before you try fixing anything else. :slight_smile:

9

Hi Locutus,

Thank you.
I checked the domain name with some online tools: http://network-tools.com/default.asp?prog=ping&host=zylp.vanthink.net
It works fine: no packet lost
Even a bit long…
Actually, 122.227.221.78 is the public IP address of my local server:

     INTERNET
            |
            v

Public IP: 122.227.221.78

| Router with DHCP |
| Configuration: |
| port 80 -> redirect to |
| 192.168.1.251 |

            |
            |
            v

| My local server |
| 192.168.1.251 |

And I configured myself the domain name zylp.vanthink.net to point to this public IP 122.227.221.78!
So everything is fine for the domain name: when you input zylp.vanthink.net, you arrive to the server.
But I cannot display anything.
I really don’t know what to do more?
Any idea or help is welcome!

Yoong

10

I think you’d need to reiterate what the current problem exactly is (what does “cannot display anything” mean?), and what your setup is, and what exactly you tried (I recall something with “port 8080 works, but port 80 does not”?

Then, double-check your router is set to port-forward correctly. Check any logs you have available (Apache, syslog, router logs) for error messages.