From: Stroller
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: OT: iptables w/ 2 web servers
Date: Thu, 24 Sep 2009 18:58:06 +0100

On 24 Sep 2009, at 16:30, James wrote:
> ...
> So the best I can do is forward all traffic (80, 443, etc) for the
> group of websites to a proxy behind the firewall, then use software
> such as what kashani suggested (proxypass, Squid, nginx,
> lighttpd, or Varnish) and parse the traffic with some form of
> vhosts implementation on a single server (nated IP)?

I think you can simply forward to server A. If the site is on server A then it's served, if it's on server B then in the vhosts for that site on server A you can proxy for server B. Of course if server A goes down then you're stuffed.

> Then if the load of the combined virtual hostings becomes too large,
> I use a group (cluster) of servers and implement some sort of
> load balancing across the machines that each contain complete
> copies of each website?
>
> Then there is the question of how to keep the individual machines
> 'in sync' and the limitation that once a machine is saturated
> (performance suffers too much due to insufficient resources) there
> is no solution for expansion?

This surely exceeds what you'll be hosting on a NATted home connection?

> One last thing. I can get a small subnet of say 5 IP address from my
> ISP for an additional 20/month. Would that help me? I want to put up
> dozens of small charitable web sites. None will have a huge user base,
> but I was going to stream some limited video from each of them.

Yes, this certainly overcomes the original problem. You have a separate IP for each server and the DNS for each site directs appropriately.

Not all routers support this configuration and, 5 years ago, I found it a little cumbersome to set it up in Linux (it's called "bridging"). No doubt the situation has improved a lot since then.

Stroller.
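
The arrangement described in this reply, sketched as an added example that is not part of the original message: the firewall forwards port 80 to server A only, and Apache on server A serves its own sites and reverse-proxies the others to server B. Apache 2.4 syntax, the addresses 192.168.1.10 (A) and 192.168.1.11 (B), the interface eth0, the hostnames and the document root are all assumptions.

```apache
# Added example; every address, hostname and path here is an assumption.
#
# On the firewall, all inbound HTTP goes to server A, for instance:
#   iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 \
#            -j DNAT --to-destination 192.168.1.10:80
#
# Apache 2.4 on server A (192.168.1.10), with mod_proxy and
# mod_proxy_http loaded.

# Reverse proxy only. Leaving this On would turn server A into an
# open forward proxy reachable from the Internet.
ProxyRequests Off

# The first vhost is the default. It catches requests whose Host header
# matches none of the hosted sites and refuses them, instead of letting
# them fall through to whichever site happens to be listed first.
<VirtualHost *:80>
    ServerName default.invalid
    <Location "/">
        Require all denied
    </Location>
</VirtualHost>

# A site that lives on server A is served directly.
<VirtualHost *:80>
    ServerName site-a.example.org
    DocumentRoot "/var/www/site-a"
</VirtualHost>

# A site that lives on server B is proxied through server A.
<VirtualHost *:80>
    ServerName site-b.example.org
    # Pass the original Host header on, so server B's own name-based
    # vhosts can pick the right site.
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.1.11/"
    # Rewrite redirects issued by server B that name its internal address.
    ProxyPassReverse "/" "http://192.168.1.11/"
</VirtualHost>
```

Server B sees every proxied request as coming from server A's address, so its access logs and any IP-based access rules have to rely on the X-Forwarded-For header that mod_proxy_http adds.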