January 17th, 2013, 02:13 AM
DNS not routing to correct machines in LAN
Hi, I've been working at this for quite a while, and I can't seem to get past where I am. I'm hoping someone can please shed some light on what I may be doing wrong. I am a software developer/programmer, but I'm fairly new to networking & DNS, so let me apologize in advance if any of my terms or descriptions are confusing or incorrect.
I set up a network at my home, and I've created a diagram to help me illustrate what's going on. It looks like I can't post images here, so I've spelled out a url where you can find the image:
A little more information about the setup before I begin:
I have the domain registered at GoDaddy. The primary domain & all subdomains point to X.X.X.X (my public ip).
So, referring to the diagram...
The DESIRED Behavior (what I want to happen):
when I visit server.mydomain.com, I would like to see the webpage @ 10.0.1.201.
when I visit server2.mydomain.com, I would like to see the page @ 10.0.1.202.
when I visit server3.mydomain.com, I would like to see the page @ 10.0.1.203.
The ACTUAL Behavior (what's really happening):
No matter which domain I visit, I always see the page @ 10.0.1.201. However, if I type the respective LAN IPs into the browser, I get the correct pages. So, it seems that DNS isn't routing correctly. It always seems to end up at the first server, and doesn't resolve to the desired machine.
Essentially, what I'm trying to do is have all of the domains funnel into my local network, where the first server (the one with DNS running) would resolve that domain to the correct machine. They just aren't resolving... everything seems to end up at the first server.
I'm open to any suggestions or just plain ol' knowledge that anyone can share. I'm really stuck here.
Thanks! - John
January 17th, 2013, 03:54 AM
Once your router starts sending traffic to .201 that's it: DNS won't help anything, neither externally nor internally. Ideally you would set up the router to inspect HTTP/S traffic and reroute to the correct machine but I've never seen a consumer grade router that can do that (which is to say that I can't speak for business/enterprise devices).
You can set up .201's web server, or another machine entirely, to reverse proxy requests for those other domains to their respective machines, which can then leverage DNS since the proxying would do a DNS lookup for whatever name you provide it.
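As an added illustration (not part of the original posts): the router's port forward sees only a destination port, while a reverse proxy reads the HTTP Host header and can pick the LAN machine by name. The Python below uses the hostnames and addresses from this thread; the function names and the sample requests are constructed for the example.

```python
# Added example: name-based routing as a reverse proxy on .201 would do it.
# Hostnames and LAN addresses are the ones used in this thread.
BACKENDS = {
    "server.mydomain.com": "10.0.1.201",
    "server2.mydomain.com": "10.0.1.202",
    "server3.mydomain.com": "10.0.1.203",
}

# Constructed sample requests (not captured traffic).
REQ_TEST = b"GET / HTTP/1.1\r\nHost: server2.mydomain.com\r\n\r\n"
REQ_UNKNOWN = b"GET / HTTP/1.1\r\nHost: other.example\r\n\r\n"
REQ_DOUBLE = (b"GET / HTTP/1.1\r\nHost: server.mydomain.com\r\n"
              b"Host: server3.mydomain.com\r\n\r\n")


def port_forward(dst_port):
    """What the NAT router does: one LAN target per port, no hostname seen."""
    return {80: "10.0.1.201"}.get(dst_port)


def host_from_request(raw):
    """Return the normalized Host of an HTTP/1.1 request head, or None."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    hosts = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.lower() == "host":
            hosts.append(value.strip().lower())
    if len(hosts) != 1:  # missing or duplicated Host is ambiguous: refuse
        return None
    host = hosts[0]
    if host.startswith("["):  # IPv6 literal, not one of the served names
        return None
    host = host.split(":", 1)[0]  # drop an optional :port
    return host.rstrip(".") or None  # drop a trailing root dot


def pick_backend(raw):
    """Map a request to a LAN address; unknown names get no backend."""
    host = host_from_request(raw)
    return BACKENDS.get(host) if host else None


if __name__ == "__main__":
    for req in (REQ_TEST, REQ_UNKNOWN, REQ_DOUBLE):
        print("router ->", port_forward(80), "| proxy ->", pick_backend(req))
```

Requests whose Host is missing, duplicated or not in the table get no backend, so the test and VM machines are reachable only under the names deliberately published.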
January 17th, 2013, 11:54 AM
Since you have not given us the actual domain name, we will have to guess, but I assume that your domain name is set up with a public address. But the address you have given us indicates that it is on a private network behind a NAT router. When you do a DNS lookup, you will get the public address, and most NAT routers are not capable of loop back. However it is still quite a simple task to add the private address to the HOSTS file, so that you can access the domain from your private network by name. Just make sure the server is using a fixed IP address and not a DHCP served one.
January 17th, 2013, 01:31 PM
another thing to consider is:
if you are running all 3 of these webservers on port 80, your router will only be able to forward that port to ONE internal IP [not all 3].
also, I don't know what webserver software you are using, but, if your websites aren't high traffic websites OR if your actual server hardware can handle high traffic, I would consider just using one server and using virtualhosts to serve the 2nd and 3rd domains/hosts to the 1st server.
January 17th, 2013, 01:40 PM
Thanks a lot... I had a feeling that I was missing something conceptually, so thanks for confirming that. I would rather not have to replace the Airport, so I like your idea about setting up a proxy to handle the requests for the subdomains. I'll look into figuring out how to set up an HTTP proxy on the .201 machine. It sounds like a fairly simple procedure.
Originally Posted by requinix
I haven't set up a proxy before though, so I just want to make sure that I understand the concept of how the proxy works...
So, the HTTP traffic would go from the router to .201, and I would have a "reverse lookup" set up on the two subdomains to loop back into .201. Then .201's DNS would point the traffic for those subdomains to the respective machines. Does it sound like I'm understanding this correctly?
January 17th, 2013, 02:16 PM
The reason for the multiple machines is that the first machine is the "live" server (.201), the second machine (.202) is my "test" server, and the third one (.203) runs a Virtual Machine server with a bunch of VMs of different operating systems. Since everything works fine when I just use the LAN IPs, I assume that the problem is like what "requinix" said...
Originally Posted by DonR
The reason that I've got all these machines is so I can tinker with my test server without risking hurting the live server, and so I can host web apps for different OS's on my VM server.
Conceptually, what I am attempting to do is just feed all of the traffic to .201 (which is running DNS)...and have .201's DNS route the traffic for those subdomains to the correct machines. Since I'm not really an experienced networking guy (just a programming nerd), I'm not really sure that my concept makes sense... Is this something that people normally do on a network, or am I trying to do something really strange here? Also, I was wondering... Do you guys think that my diagram is set up correctly to achieve what I want to achieve, or does that need work also?
January 17th, 2013, 02:36 PM
Normally one doesn't worry about giving the Internet access to a test machine. It stays parked inside the LAN. As for the VM machine I'm not sure why that needs to be public.
If your live server has high traffic or load then you wouldn't want to put a proxy on it, but at the same time it's inadvisable to have it living at home - should have a dedicated/cloud server somewhere with a fast connection.
January 18th, 2013, 04:34 PM
Does this mean that your domain AND subdomains/hosts all have A records at Godaddy.com?...And they are all pointing to your external IP?
Originally Posted by jgrese
If this is the case, I assume you want all 3 servers to be accessible FROM the INTERNET, not the LAN?
And, if this is true, then, the aforementioned proxy would most likely be the route to take.
All steps following will be done on your server.
You will need to enable 2 mods in the Apache webserver: mod_proxy & mod_proxy_http
Next, you will want to create 2 VirtualHosts, 1 for each of your 2nd & 3rd servers.
and use this for the virtualhosts:

<VirtualHost *:80>
    ServerName server2.mydomain.com
    ProxyPass / http://10.0.1.202/
    ProxyPassReverse / http://10.0.1.202/
    ###Uncomment the line below if your site uses SSL.
</VirtualHost>

<VirtualHost *:80>
    ServerName server3.mydomain.com
    ProxyPass / http://10.0.1.203/
    ProxyPassReverse / http://10.0.1.203/
    ###Uncomment the line below if your site uses SSL.
</VirtualHost>

then, restart your webserver...and, if you had your fingers crossed correctly, it should work,