This one is puzzling me and I suspect it is impossible, at least, without some pretty serious gear.
Anyway, my question here is whether there is a way to multi-home with more than one server, to the same port on the same IP address?
In short, I have two servers, one of them runs a few things on port 80, for example;
dxzeff.com
test.dxzeff.com
treason.ddns.net (defunct)
These will all return completely different things despite running on the same server on the same port. But if I want to add another server on port 80, is this possible using the same external IP? Especially if one of those servers has unreliable multi-homing at best. One of the servers is going to be using virtual machines and already supports multi-homing through host headers, so that one is probably more flexible. If I have to add another adapter to it or something I can. The second server runs on bare hardware and has limited support of host headers - as in, it pretty much doesn't work - so is there anything I can do? Or am I going to have to get a second IP at some point in the future to do this.
I may find an answer myself as I am currently studying "reverse proxy" but am currently unsure and figured that it was worth asking on the off-chance someone knows something I don't. The "better" of the two servers runs IIS 6, the primitive one will be running JNOS1.11a, which is pretty much not worth investigating because I doubt we'll be relying on that one to do fancy things.
I know this is trivially doable using Apache, so you could presumably proxy everything together using Apache or NGINX. I don't use IIS, so I'm not sure if MS includes a method to make this happen.
Apache? Ick, no. Next you'll tell me to bin ASP.NET and move the PHP or something, I don't own a Cray. Apparently such a proxy is possible in IIS, but all the diagrams are from a later version, which makes me worry it might not be in IIS 6.0. I won't find out until I re-install everything on the server though and that could take a while as it is not co-operating with moving off the old files so I can swap the drive over to the new one.
Hey, I'm not telling you to do anything. You can keep your syntactic sugar and clicky configuration wizards. I'm just suggesting you might have to configure proxying and confirming what I know works for DNS based multi homing. I know Apache can do this (in concert with IIS). I'm pretty sure NGINX can as well. Beyond that, maybe other members have some suggestions.
I was just joking around, I know you weren't telling me what to run. The advice was valid anyway.
I may have enough power to move to a later version of IIS, I will have to check the system requirements. Problem being I hate the interface in Windows Noob Server 2008 and despise the singular, static, network connection icon in the tray. Not sure I want to learn a new OS. Suppose I can test drive 2K3/IIS6 in a VM first though, that probably wouldn't take me very long, and I could then test 2K8IIS7 if it doesn't work or lacks that feature.
I guess if all else fails I could probably run an Apache server on the bare hardware which proxies both the IIS VM and the JNOS clunker.
I was just joking around, I know you weren't telling me what to run. The advice was valid anyway.
I may have enough power to move to a later version of IIS, I will have to check the system requirements. Problem being I hate the interface in Windows Noob Server 2008 and despise the singular, static, network connection icon in the tray. Not sure I want to learn a new OS. Suppose I can test drive 2K3/IIS6 in a VM first though, that probably wouldn't take me very long, and I could then test 2K8IIS7 if it doesn't work or lacks that feature.
I guess if all else fails I could probably run an Apache server on the bare hardware which proxies both the IIS VM and the JNOS clunker.
Maybe look at NGINX? It's supposed to be the new hotness for this kind of task.
All those code blocks... I don't much like the looks of this. Apache, whilst being a slow and unreliable resource hog, is something I am at least somewhat comfortable with. I had never even heard of NGNIX prior to this and if I have to type stuff like that out I think I'll be avoiding it, that's what DOS was for, I don't expect to have to put up with that sort of thing today. I've always felt alienated when I've had to mess with this stuff, I moved with the times until IIS 6 and then everything changes and it's like a damn foreign language, literally 90% of what I learned - and even have a certificate for - is now useless.
Just to be clear though, I appreciate the advice and if nothing else, I'm learning about something I didn't know, which can only be a good thing as it may come in useful later.
Looks like this stuff is going to be delayed anyway as I cannot get the files I need from the server, and thus, cannot start re-installing the operating system. I don't own another SATA machine.
I hear ya. That's why I use preexisting templates or copy and paste. As for NGINX, it's supposed to be leaner and meaner than Apache httpd with commensurate performance benefits.
I know it has been suggested above, but I just want to chime in and say NGINX is almost probably exactly what you need. Apache is quite too much overkill for just proxying. There also seems to be a windows build of nginx, so you don't even have to learn a new OS: https://kevinworthington.com/nginx-for-windows/
The basic principle is:
- Run whatever webservers you like, e.g. IIS, on non-standard ports, e.g. 8080, or 8081.
- Run Nginx on port 80.
- Set up proxying in nginx to forward requests to specific hosts to the other servers on 8080 or 8081.
I've only tried it with all the server services running on the same machine, but you should even be able to forward requests to different hosts. The configuration is generally quite easy.
Never thought of this when I put the backup method in place. Sure, I can connect the disk with the images and other stuff on it to the server, but I can't plug it into anything else. I almost think it might be faster to build a shitty Athlon 64 with the pieces I have lying around, install Windows XP, connect the disk to that and copy it over from there.
Edit: Maybe I can get the attachment right this time.
microsoft threat management gateway (tmg) can do this (reverse proxying). unfortunately thats kind of overkill. you'll need a dedicated win server 2008 r2 (virtual) machine for that. tmg will reverse proxy the requests to the appropriate server depending on the host header.
web application proxy (wap) is another solution which runs on win server 2012 r2 and is free (where tmg is not).
unfortunately wap is only capable of reverse proxying https at the moment. http support will be added when it will be integrated into the server os, starting with the upcoming win server 2016.
another option is using a hardware firewall. i know that the fortinet "fortigate" boxes have a function that allows redirecting http requests to specific servers according to the host header. you could get one on ebay, the fortigate 50B would fit perfectly for internet connections with up to 60Mbit/s bandwidth and it should be rather cheap as it isn't the newest model anymore. the power supplies tend to die but they aren't anything special, any 12V power adapter with about 2A will fit.
edit: whats the matter with the file copy process? why is that thing so slow? what systems and what network equipment is involved? how does your network look like?
I wondered about hardware firewalls. Sounds viable, given this is a <1Mbit/s line. I could just steal 12V from the servers PSU, it is Atom based and uses very little power on its own, so ~25 Watts more on the PSU isn't going to make a difference.
Edit: This is Gigabit Ethernet, but something is wrong with the server the files are being copied from. I have moved the backup disk to a makeshift eSATA setup on my laptop and it is copying much faster. I use pretty hefty D-Link switches in 19" format, they don't mess around.
I wondered about hardware firewalls. Sounds viable, given this is a <1Mbit/s line. I could just steal 12V from the servers PSU, it is Atom based and uses very little power on its own, so ~25 Watts more on the PSU isn't going to make a difference.
Edit: This is Gigabit Ethernet, but something is wrong with the server the files are being copied from. I have moved the backup disk to a makeshift eSATA setup on my laptop and it is copying much faster. I use pretty hefty D-Link switches in 19" format, they don't mess around.
if you get a fortigate, i can help you with that. i have 4 of them in use by myself as main gateways.
can you narrow the issue down to something? is any network traffic going through that server so slow? is local access to the disk fast or slow too? checkes network connection link speed? maybe the NIC or the ethernet cable has some kind of an issue?
i have seen 19" d link switches not performing very well but that speed is much worse than "not very well"...
inetinfo is the cause, as long as that is running, the network access is limited and everything is slow. Mostly due to the CPU being locked at 100%, this includes local access and both local and remote often fail completely.
The problem appeared mysteriously in the middle of the night a few days ago and appeared to be related to SQL and the SMTP server. Disabling these made it work a little (But still slow and unstable). As I had touched nothing in ages I figured restoring a backup would just restore the problem and as I planned to move to VMs and such along with needing to replace some parts in the server, I decided to use the opportunity. It shouldn't be too hard to set back up again. I'll lose my database, but only because I can't be bothered to export a copy, there's nothing more than test data in it and I have a script to generate a new one.
The configuration was changed a lot over the years and performance black holes have been appearing for a while, I knew something like this was going to happen eventually and it's no real loss, everything important is backed up.
The D-Link's have never been a problem and appear to still be working fine, getting near max throughput with the laptop at the same time as watching movies (with minimal compression) over the network on the same machine, so that has nothing to do with it here and the VLANs are set up fine as well so far as I am aware.
I have discovered that, regardless of hardware, IIS 7.5 is as far as I can go, so Windows 2008 R2 appears to be my limit. This is due to my reliance on some old technologies and my reluctance to scrap them and replace the site.
Apparently Reverse Proxy is fairly trivial using Application Request Routing (An extension) and URL Rewrite. I have yet to test this, but I don't see why it won't work as the examples I have seen are doing the exact same thing I am trying to do. All but a couple of Gigabytes of what I want to copy from my new drive before wiping it are done, it was nearly finished but the eSATA lead fell out and my friend was here, so I decided to leave it for today. Currently digging up Server 2008 R2 as I am sure I have it somewhere but only used it briefly on a server that died way too quickly some years ago. I am not sure the Atom 330 is ideal for it, but as I serve mostly static pages and only limited ASP (with even less reliance on SQL because I hate SQL) it should be fine once the RAM is upgraded. It appears no modifications will have to be made to the JNOS server's configuration, which suits me because it is rather unpredictable when trying to make it do unusual things. It seems these extensions to IIS are free, but I am as yet unsure, I will probably test it tomorrow and find out.
Sucks that my web and FTP are offline in the mean time, this would happen when the XP fail-over isn't working and I just can't be bothered to set up my DOS fail-over to do the job for now. I am hoping to have the regular services online again within the next couple of days.
I shall post another update when I have run some tests, sharing my findings for people who might read this thread later attempting to do the same thing.
However, I have discovered that FPSE is not included and must now be BOUGHT from a third party... Err... why? It was free before, so why the hell should I pay for it now. I have no shame in admitting I shall make an attempt to pirate or self-crack the software if it comes to that, but if that can't be done I'll have to look into doing this on my preferred IIS 6.0 (That interface in 7.5 is worse than I remember! It is HORRIBLE!) though have no idea how I'd really get that to work... Possibly with some CGI, but the overhead that would cause is not something I really want.
Fuck WebDAV before someone points that out. No, just no, not happening. I thought we lived in the 21st century? So yeah, clearly full WYSIWIG editors aren't a thing anymore, now we have to edit the site offline and blind because there's no way to know if the extensions are doing anything or even working, not to mention they will then do nothing one published because the server doesn't support such basic functionality anyway. I suppose i could create an even larger mess;
My thoughts are that I can instead run 2008 on the bare metal, but host nothing on it. Set up the most basic IIS/ARR/URW configuration in the world and reverse proxy both the virtual server and the JNOS server. The pages should get dragged through the 'proxy' after the FP-specific stuff has happened already. My only concern is how the proxy seems to have a limit set on the file size, it cuts off part way through sending test MP3's and Videos (Something i don't actually use on the sites, but use when testing because they are larger than the expected files) but this is probably adjustable, I'd bet I could probably fix it fairly easily. (Edit: Chrome is the problem, I've seen it happen before but it just happened several times in a row today - no idea what it is, Chrome's HTML5 seems to be a bit wonky sometimes, perhaps I should update my ancient version anyway, would probably help).
This would be good in theory because firstly, I'd own a valid license for all of the software in use - I'd just be cheating, but the license agreement doesn't say this is prohibited - and it may add a layer of security because any query made of the server returns the IIS 7.5 server regardless of what you actually get when pointing your browser to that URL. It may break FrontPage editing from outside of that vLAN, but that isn't necessarily a bad thing and I have ways around it that I can implement if I think I will need to edit those pages when I'm not going to be able to sit behind the network. For example, it is very easy to forward remote control of a machine/VM to use for editing if I am not here and have the machine scheduled so it is only online when I want to use it, I could even Wake-on-modem it if I wanted to do it that way and make sure nobody could tamper with it easily. I could probably also use some kind of mapped drive/directory sharing and have the static pages available to the IIS 7.5 and IIS 6.0 servers, so if the VM needs shutting off for reconfiguration or some such, I can disable the proxy and serve a limited version of the site until the VM comes back. Similarly, I had always planned to have the JNOS server's site (99.99% static anyway) mirrored on the IIS server in case the JNOS box had to be switched off at any time, so it isn't like I'm doing much beyond the scope of what i already intended there and it adds a level of redundancy. It would be good if this idea works in practice and we shall see, but I think I may go back to sleep for a while, slept horrible last night.
Ugh, the adventure continues. At least I'm learning new stuff I guess, that is always a good thing even if it can be frustrating. Also, Windows 7's netcode sucks;
Gigabit X-Over cable, Large Send Offload disabled, still slower than hell. Inaccurate counter too, that folder is several Gigabytes in size and the copy has just started.
I have gotten things to work most of the way now, including reverse proxy. Thanks for the help.
The HTTP and FTP are different VMs now.
The second server is online at the time of writing, but that isn't information I have any reason to make public yet. Still, if you want an adventure you can try adding dos. before the web address and you should get things back from it. Be warned, it currently does very little beyond play an obnoxious song and if you find your way into the list only one incomplete article available (the server itself) though even less complete and outdated, rambling versions of hooker.htm and tim.htm might be loadable if you type those in.
