1

Can anyone direct me what to look for to get a Router / Gateway / Firewall for my home-office enviroment to be able to run multiple e.g. Webserver on port 80, with one public ip. I know it can be done using Apache or IIS on a server-computer. A Cisco or Netgear router?

E.g.:

host1.example.com:80 -> 192.168.0.101

host2.example.com:80 -> 192.168.0.102

Sam
  • 370
  • 1
  • 4
  • 18

2 Answers2

2

Openwrt has good apache/squid support. I used apache even for reverse proxy. Only thing you need, were an openwrt-compatible router.

Second thing, you need to set up apache (I suggest apache for this) in this special proxy working method. It is not so hard as it seems. If you want, I were glad to copy-paste some config example in this post.

There is not too much problem about the CPU need of a such proxy - most routers haven't very strong cpu - because what a such hw/sw configuration does, isn't really more as if it only packets forwarded. There is no such cpu-intensive things as f.e. php-interpretation or jvm, and the apache can run with his "worker" mpm, in threaded mode, which is very fast.

peterh
  • 4,953
  • 13
  • 30
  • 44
  • Is the function called reverse-proxy, or does it have another name? If I'll try to get a non-openwrt router. – Sam Dec 20 '13 at 15:17
  • @Sam Yes, it is reverse proxy, but a little bit special form of it. If somebody say you: "this ... server can reverse proxy too", it doesn't mean, that it can handle also this your wanted configuration. Maybe a google for "reverse proxy for multiple backend servers" or such thing can help you more. – peterh Dec 20 '13 at 15:19
1

Routers typically don't run servers. OpenWRT and DD-Wrt based routers can provide this functionality if they have sufficient memory. This is because they are running a Linux kernel. Web server capability is done by running a web server or proxy such as Apache or Squid.

If you have several small sites to server, you may be able to use a Rasberry Pi or similar device to run your web sites. If you require more capacity, a small server running Linux can provide both firewall and Web Server capability. I started with a recycled desktop system with a second network card running Linux as both a Web Server and firewall.

I do this separation at the web server. The major web servers handle delivering content based on the Host header. The Apache web server calls this functionality VirtualHosts. It is possible to proxy some or all of a Host's traffic to a second server.

Multi-domain HTTPS is more difficult as certificates are associate with a hostname. If the domains are related, a multi-domain or wildcard certificate will work. Some servers can handle negotiating the Hostname before providing the certificate, although I have never successfully implemented this.

You will want to have your router forward HTTP requests to your web server. Most routers provide this capability by port and/or as a DMZ address.

BillThor
  • 27,737
  • 3
  • 37
  • 69