Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsIT Pro and developersMultiple Web Servers Behind Single Public IP
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
timmmay
20859 posts

Uber Geek
+1 received by user: 5350

Trusted
Lifetime subscriber

  #1569204 10-Jun-2016 10:16
Send private message

Paul1977:

 

timmmay:

 

You may be ok with one IP. Does ActiveSync address the server by domain name or by IP?

 

 

By domain name, but I'd still need a reverse proxy for this to work wouldn't I since ports 80 and 443 need to be forwarded to different internal servers depending on the requested URL?

 

I was hoping it might be possible to avoid needing a reverse proxy by having multiple public IPs.

 

 

Well, you can't easily get more static IPs, so a reverse proxy seems to be the answer. It's easy to put an Nginx server in your DMZ then proxy_pass requests through to private internal IPs based on the domain name or domain + path requested.



Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


  #1569224 10-Jun-2016 10:30
Send private message

timmmay:

 

Paul1977:

 

timmmay:

 

You may be ok with one IP. Does ActiveSync address the server by domain name or by IP?

 

 

By domain name, but I'd still need a reverse proxy for this to work wouldn't I since ports 80 and 443 need to be forwarded to different internal servers depending on the requested URL?

 

I was hoping it might be possible to avoid needing a reverse proxy by having multiple public IPs.

 

 

Well, you can't easily get more static IPs, so a reverse proxy seems to be the answer. It's easy to put an Nginx server in your DMZ then proxy_pass requests through to private internal IPs based on the domain name or domain + path requested.

 

 

Yeah, looks that way :(

 

I'm not a linux man at all, so I think some reading will be required!

timmmay
20859 posts

Uber Geek
+1 received by user: 5350

Trusted
Lifetime subscriber

  #1569227 10-Jun-2016 10:36
Send private message

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.



ajobbins
5053 posts

Uber Geek
+1 received by user: 1279

Trusted

  #1569228 10-Jun-2016 10:36
Send private message

I run Apache on windows for my reverse proxy at home. Pretty easy to configure, lots of online support and it's very lightweight.

 

I was using IIS but that is a lot heavier, and the machine I was running it on is very low spec so Apache runs much better.




Twitter: ajobbins

timmmay
20859 posts

Uber Geek
+1 received by user: 5350

Trusted
Lifetime subscriber

  #1569229 10-Jun-2016 10:40
Send private message

Nginx is super lightweight, fast, scalable, and easy to set up compared with Apache. It uses around 10MB of RAM and little CPU. I run Nginx on my website, which isn't high volume but gets millions of hits per month. I prefer it to Apache.

Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


  #1569251 10-Jun-2016 11:08
Send private message

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 
 
 
 

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.
darylblake
1172 posts

Uber Geek
+1 received by user: 410

Trusted

  #1569256 10-Jun-2016 11:22
Send private message

Use Ubuntu server 14.04LTS or 16.04LTS, centos 7 or Debian 8. Don't use desktop OS.

Are you using UFB? I could get one of the sales guys here to quote you a multi IP solution over UFB if you think it would be easier.

Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


  #1569259 10-Jun-2016 11:25
Send private message

darylblake: Use Ubuntu server 14.04LTS or 16.04LTS, centos 7 or Debian 8. Don't use desktop OS.

Are you using UFB? I could get one of the sales guys here to quote you a multi IP solution over UFB if you think it would be easier.

 

Multi IP would be easier, but would rather not have to change providers if possible. I'll see how this goes first.

 

Thanks

deadlyllama
1283 posts

Uber Geek
+1 received by user: 476

Trusted

  #1569275 10-Jun-2016 11:41
Send private message

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.

darylblake
1172 posts

Uber Geek
+1 received by user: 410

Trusted

  #1569277 10-Jun-2016 11:43
Send private message

No worries mate.

Heres a config yo get you started.. I have not tested it all but you should be able to get a rough idea.

 

I would do a minimum install of Ubuntu server 16.04. 

 

apt-get update it to latest repos.

 

then sudo apt-get install nginx

 

Then i would use a config like this: 

 

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

 

events {
worker_connections 1024;
}

 

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

 

access_log /var/log/nginx/access.log main;

 

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

 

include /etc/nginx/mime.types;
default_type application/octet-stream;

 

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

 

#port 80 config
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass http://internal.webserver.mycompany.com:80/;
}
error_page 404 /404.html;
location = /40x.html {
}

 

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 443 config
server {
listen 443 default_server;
listen [::]:443 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass https://internal.webserver.mycompany.com/:443;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 21 config
server {
listen 21 default_server;
listen [::]:21 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass ftp://internalftpserver.mycompany.com:21/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}

 

 

 

dont take it as gospel, but it should be enough to give you an idea on how to do it. 

deadlyllama
1283 posts

Uber Geek
+1 received by user: 476

Trusted

  #1569279 10-Jun-2016 11:44
Send private message

deadlyllama:

 

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.

 

 

<sales>And if you need a consultant to set it up for you, I could build you an haproxy setup.  It's what we use for our customer hosting system, it's pretty simple, and even possible to stick SSL webservers behind it.</sales>

 
 
 
 

Shop now for Dell laptops and other devices (affiliate link).
Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


  #1569330 10-Jun-2016 11:55
Send private message

darylblake:

 

No worries mate.

Heres a config yo get you started.. I have not tested it all but you should be able to get a rough idea.

 

I would do a minimum install of Ubuntu server 16.04. 

 

apt-get update it to latest repos.

 

then sudo apt-get install nginx

 

Then i would use a config like this: 

 

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

 

events {
worker_connections 1024;
}

 

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

 

access_log /var/log/nginx/access.log main;

 

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

 

include /etc/nginx/mime.types;
default_type application/octet-stream;

 

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

 

#port 80 config
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass http://internal.webserver.mycompany.com:80/;
}
error_page 404 /404.html;
location = /40x.html {
}

 

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 443 config
server {
listen 443 default_server;
listen [::]:443 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass https://internal.webserver.mycompany.com/:443;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 21 config
server {
listen 21 default_server;
listen [::]:21 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass ftp://internalftpserver.mycompany.com:21/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}

 

 

 

dont take it as gospel, but it should be enough to give you an idea on how to do it. 

 

 

Thanks Daryl, much appreciated. Just installing Ubuntu now, so I let you know how I get on.

Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


  #1569331 10-Jun-2016 12:00
Send private message

deadlyllama:

 

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.

 

 

Thanks

Zeon
3926 posts

Uber Geek
+1 received by user: 759

Trusted

  #1569332 10-Jun-2016 12:00
Send private message

Paul1977:

 

darylblake: The other option is you could buy more IP's.

 

This seemed like a good idea, but Spark have come back and said "We can only assign one Static IP to each broadband connection I am afraid. This is a system issue, not a business rule."

 

I tend to take what Spark first level support tell me with a grain of salt, as I have been given incorrect info in the past.

 

Can anyone confirm if the above is definitely the case? @cbrpilot do you have any knowledge about this?

 

Thanks

 

 

 

 

Seriously - why make your life so much harder because you have a crappy ISP who cannot offer basic features a business ISP should be able to? Virtually every business ISP should be able to provide multiple static IPv4 (we had a routed /29 subnet over VDSL once with Unleash). 2degrees/Snap definitely does this also as I am sure DTS etc. do too.

 

 

 

They should all be able to offer you a decent size IPv6 subnet. If the mobile carriers deployed IPv6 you could almost get away with running activesync IPv6 only..




Speedtest 2019-10-14

Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


  #1569339 10-Jun-2016 12:07
Send private message

Zeon:

 

Paul1977:

 

darylblake: The other option is you could buy more IP's.

 

This seemed like a good idea, but Spark have come back and said "We can only assign one Static IP to each broadband connection I am afraid. This is a system issue, not a business rule."

 

I tend to take what Spark first level support tell me with a grain of salt, as I have been given incorrect info in the past.

 

Can anyone confirm if the above is definitely the case? @cbrpilot do you have any knowledge about this?

 

Thanks

 

 

Seriously - why make your life so much harder because you have a crappy ISP who cannot offer basic features a business ISP should be able to? Virtually every business ISP should be able to provide multiple static IPv4 (we had a routed /29 subnet over VDSL once with Unleash). 2degrees/Snap definitely does this also as I am sure DTS etc. do too.

 

 They should all be able to offer you a decent size IPv6 subnet. If the mobile carriers deployed IPv6 you could almost get away with running activesync IPv6 only..

 

 

It's surprising that Spark don't do it when others do. But right now it's a matter of weighing up which is more of a pain, changing ISPs or getting a reverse proxy working.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright