Help/advice needed for gateway for multiple websites w/ email servers

[zogthegreat]

Hi everyone:

I need some advice/suggestions for a problem that I am having. I have been searching and posting all over the place, but have not yet found the solution.

Here is my setup;

server 1; apache webserver with Qmail to handle POP3 and SMTP with IP address of 192.X.X.1/24
server 2; apache webserver with Qmail to handle POP3 and SMTP with IP address of 192.X.X.2/24
server 3; apache webserver with Qmail to handle POP3 and SMTP with IP address of 192.X.X.3/24

All of these machines are built as guest on VirtualBox 3.1 using CentOS 5.4 and have properly registered domain names. These server workl properly when run one at a time.

What I need to do is build a gateway/router to direct the traffic from the outside to the correct host, i.e. request for server1.com: The Leading Server Site on the Net[/url] go to server1. I have been able to get this to work with NAT and iptables and doing a port redirecting, server1 using port 81 for http, server2 using port 82 etc. My problem is that for my POP3 and SMTP, I would have to redirect to many ports.

What I would like to do is have one machine to act as a gateway to redirect all traffic to the proper machines.

If anyone has any suggestions how to do this, please let me know.

Thanks

zog

[scathefire]

Unless you have an IP range to use, you can't accomplish what you are trying to do with using port redirection.

[zogthegreat]

Hi scathefire,

Unless you have an IP range to use, you can't accomplish what you are trying to do with using port redirection.

I have separate IP addresses for each machine.

server 1; apache webserver with Qmail to handle POP3 and SMTP with IP address of 192.X.X.1/24
server 2; apache webserver with Qmail to handle POP3 and SMTP with IP address of 192.X.X.2/24
server 3; apache webserver with Qmail to handle POP3 and SMTP with IP address of 192.X.X.3/24


Currently looking at using Postfix to redirect SMTP traffic and NAT with iptables to handle http and ftp, will let you know how it works out.

thanks

zog

[scathefire]

I meant public IP address range to use. I'm assuming you are hosting different domains on the virtual machines and you want them to be delivered to the appropriate VM. If you are wanting to accomplish this while not having to use port redirection, then you will need multiple public IP addresses.

[zogthegreat]

Hi scathefire,

I am using a dynamic DNS service, (DNS2GO), that handles the external IP, (my isp WILL NOT give a static ip to residential users, grrr). This service takes care of all three servers.

thanks

zog

[scathefire]

Unless you have 3 public IP addresses, regardless of if they are dynamic or static, (to my knowledge ISPs do not give residential customers multiple IP addresses without paying for them- at least not in the USA) its not possible to use the same ports on the outside for all three servers. You'd have to use port redirection, but you will run into a snag here as well and here is why:

You could get by with web being on a different port, it would be awkward but you could. You could get by with POP on a different port, just have users make that change in their email client. However you cannot get by SMTP being on different ports like that. SMTP servers expect to talk to other email servers on port 25.

So perhaps you should consider consolidating at least the mail server.

[zogthegreat]

Do you have any suggestions on how I could consolidate the mail servers? As I said ealier, http and ftp are no problem, it's the smtp that is giving me the headache.

Thanks

btw, noticed the "Western Kentucky" in your tag, did my basic training at Ft. Knox back in the early '80's. One question, why is it that all of the hills in Kentucky only go in an upward direction? They were a real b!*#h to climb!

zog

[scathefire]

lol. i wish i knew, i've taken it up with our interior decorator. the jury is still out on that one i guess.

maybe i spoke in haste. perhaps a simple mail router will be more than sufficient. If you are using qmail then you should be able to add something like this to your smtproutes file:

Code:

server1domain:192.X.X.1
server2domain:192.X.X.2
server3domain:192.X.X.3

since all port 25 traffic will hit the mail router first, it will ask this table where to route for domains it doesn't know about. The mail router knows about these other domains, and specifically where to route them.