OpenVZ Forum


Home » General » Support » name based routing to VE's possible?
name based routing to VE's possible? [message #4435] Mon, 10 July 2006 20:47 Go to next message
jchamilton is currently offline  jchamilton
Messages: 8
Registered: July 2006
Junior Member
This is probably more of a networking question than a OpenVZ question so please feel free to jab me in the eye and tell me where to go with it...

In our company it's much easier to get a CNAME alias for an IP added than it is to get a brand new IP and host name.

So, is it possible to put all VE's on my HN in a private network but make them accessible from the outside world via the HN IP?

Ideally, I would like to have a CNAME alias in our corporate DNS for each VE that points to the HN IP and have the HN route to each VE based on the destination host name.

jch

Report message to a moderator

Re: name based routing to VE's possible? [message #4447 is a reply to message #4435] Mon, 10 July 2006 21:35 Go to previous messageGo to next message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
there are 2 choices here:
1. if you are not going to run multiple applications listening on the same port (e.g. >=2 httpd daemons etc.) then the best choice is NAT http://wiki.openvz.org/Using_NAT_for_VE_with_private_IPs

2. if you really need name based hosting then it depends on protocols you need Smile which protocols do you want?

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: name based routing to VE's possible? [message #4450 is a reply to message #4447] Mon, 10 July 2006 21:52 Go to previous messageGo to next message
jchamilton is currently offline  jchamilton
Messages: 8
Registered: July 2006
Junior Member
I did read that howto and it's not exactly what i'm looking for.

Primarily the ports / protocols I would need: http, https, ssh, and mysql (3306). However, projects and requirements typically change so it would be good if adding a new port was simply a config. change of some sort.

I definitely want to be able to do the name based hosting...

jch

Report message to a moderator

Re: name based routing to VE's possible? [message #4459 is a reply to message #4435] Tue, 11 July 2006 08:24 Go to previous messageGo to next message
hvdkamer is currently offline  hvdkamer
Messages: 40
Registered: July 2006
Member
According to the support website Virtuozzo is able to doe this. However I can't find if this is indeed for every protocol or just the simpler ones...

I'm currently investigating a setup to isolate webhosting accounts from each other. The normal user permissions aren't able to do this, because the webserver needs access also and that is by its very nature public Smile.

So I want SSH and HTTP for every account. Because I've only one public IP-address this becomes difficult. I'm now thinking about mod_proxy for the webserver and a lighttpd webserver in every mini OpenVZ server. Added bonus is that every account can change its PHP settings to its own desire. The main webserver just asks the right mini OpenVZ server to render the page and then gives it back.

For SSH I don't seee a simular solution. So there I'll probably give every mini OpenVZ server its own dropbear which listens on 22<VEID>. The SSH is only for the account itself, so a different port shouldn't be a problem.

Luckilly for me this are the only two needed. I'm interested to know if Virtuozzo could handle http, ssh, smtp, ftp, pop, imap and so fort purely based on the name and not IP-address.

Another solution is may be IPv6.

Henk van de Kamer
auteur Het Lab
http://www.hetlab.tk/

Report message to a moderator

Re: name based routing to VE's possible? [message #4479 is a reply to message #4459] Tue, 11 July 2006 13:46 Go to previous messageGo to next message
aistis is currently offline  aistis
Messages: 77
Registered: September 2005
Location: Kaunas, Lithuania
Member
Indeed, in Virtuozzo terminology it is "Name-Based Hosting" and it can do with following protocols: FTP, SMTP, HTTP and POP3. There are some limitations though(guess due to reasonable limitations of all protocols except HTTP which can send Host: header in advance), so for example your POP3 or FTP user names will have to be in a form <user>@<host>.

You can get 30-days free trial from SWsoft sales by filling an online form here: http://www.virtuozzo.com/en/products/virtuozzo/freetrial/

Of course another option is to implement that for OpenVZ Smile

Aistis Zenkevicius
http://static.openvz.org/userbars/openvz-user.png

[Updated on: Tue, 11 July 2006 14:40]

Report message to a moderator

Re: name based routing to VE's possible? [message #4481 is a reply to message #4435] Tue, 11 July 2006 14:52 Go to previous messageGo to next message
jchamilton is currently offline  jchamilton
Messages: 8
Registered: July 2006
Junior Member
Thanks everyone for your replies - I think what I'm going to do is ask for 3x as many IPs that I need and hope that I get 1x... Very Happy

I'll probably use the NAT method for any "dynamic" VE's that I create along the way in testing...

Thanks again for your help!

Report message to a moderator

Re: name based routing to VE's possible? [message #4482 is a reply to message #4481] Tue, 11 July 2006 15:30 Go to previous messageGo to next message
aistis is currently offline  aistis
Messages: 77
Registered: September 2005
Location: Kaunas, Lithuania
Member
Should work if you split the services between different VEs. Take care Smile

Aistis Zenkevicius
http://static.openvz.org/userbars/openvz-user.png

Report message to a moderator

Re: name based routing to VE's possible? [message #4640 is a reply to message #4482] Thu, 20 July 2006 01:34 Go to previous messageGo to next message
cdevidal is currently offline  cdevidal
Messages: 24
Registered: June 2006
Location: Jacksonville, FL
Junior Member
I just read about Virtuozzo's "named-based hosting" tonight. Is this pretty much the same as using host headers in a web server? Do each of the private VEs have their own private IP?

R U good enough?
TenThousandDollarOffer.com

Report message to a moderator

Re: name based routing to VE's possible? [message #4645 is a reply to message #4640] Thu, 20 July 2006 10:01 Go to previous messageGo to next message
aistis is currently offline  aistis
Messages: 77
Registered: September 2005
Location: Kaunas, Lithuania
Member
Yes, they do have private IPs.

Aistis Zenkevicius
http://static.openvz.org/userbars/openvz-user.png

Report message to a moderator

Re: name based routing to VE's possible? [message #4650 is a reply to message #4645] Thu, 20 July 2006 12:47 Go to previous messageGo to next message
cdevidal is currently offline  cdevidal
Messages: 24
Registered: June 2006
Location: Jacksonville, FL
Junior Member
Is this pretty much the same as using host headers in a web server?

R U good enough?
TenThousandDollarOffer.com

Report message to a moderator

Re: name based routing to VE's possible? [message #4672 is a reply to message #4650] Fri, 21 July 2006 10:38 Go to previous message
aistis is currently offline  aistis
Messages: 77
Registered: September 2005
Location: Kaunas, Lithuania
Member
Not really. AFAIR for SMTP there is a dedicated gateway (MTA running) with (my guess) some map table, which forwards messages to VEs according to rcpt to: domain name. It should not be difficult to write the HTTP proxy which proxies to VEs according to host: header. FTP/POP3 - not sure, but you get the idea.

Aistis Zenkevicius
http://static.openvz.org/userbars/openvz-user.png

[Updated on: Fri, 21 July 2006 10:42]

Report message to a moderator

Previous Topic: *SOLVED* Moving default NIC
Next Topic: Where is yum?
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Mon Jul 15 09:32:19 GMT 2024

Total time taken to generate the page: 0.03110 seconds
Powered by FUDforum Powered by Virtuozzo Containers