Re: Small web server and DNS

From: Jeff Cochran (jeff.nospam_at_zina.com)
Date: 03/26/05 

Date: Sat, 26 Mar 2005 18:58:16 GMT

On Sat, 26 Mar 2005 03:53:03 -0800, Perpetually perplexed
<Perpetuallyperplexed@discussions.microsoft.com> wrote:

>I appreciate your dilligence, Jeff. DHCP is enabled on the router, disabled
>on the server. I'm not sure which dns's to use. We have a port 80 issue so we
>use no-ip (dot com) to bounce through 8080. I have tried aligning the
>internal > control panel > network connections > local area connection
>(shared) > tcpip properties > dns, ip configuration to no-ip's dns's to no
>avail. No-ip directs both registered domain names to our router's ip. The
>router passes requests through to 192.168.1.20 which is our web server.
>That's as far as we get. I've used host headers w/"all unassigned" ip's,
>w/individual static 192.168.1.21, 22, etc. ip's. No luck.

First let's get it working internally. We'll use a HOSTS file entry
to get the name resolution for the two sites. I don't see the site
names posted, so I'll use examples:

We have two web sites, called A and B. We'll use two domain's for
these, called a.com and b.com. We want anyone to be able to go to
http://www.a.com/ or just http://a.com/ and get to site A. The same
for site B only using the b.com domain. We'll use 192.168.1.20 as the
IP address shared between sites.

Your hosts file is located at c:\windows\system32\drivers\etc\hosts.
There's no extension, so if you see hosts.sam, it's not the correct
file. Either open the hosts file in Notepad or create a new text file
in that folder, name it "hosts" and edit that in Notepad. We want
four lines added to this file:

192.168.1.20 a.com
192.168.1.20 www.a.com
192.168.1.20 b.com
192.168.1.20 www.b.com

The hosts file will resolve any request to those host/domain names to
the same IP address, the one your web server uses. The hosts file has
to be on the system you browse from, so if you're browsing from the
server put it on the server. If from a workstation inside your
network, put it on the workstation. Make sure Notepad doesn't add the
.txt extension when it saves, if it does rename it with no extension.

You can check resolution from a command line with a ping, by the name.
Ping www.a.com should result in a successful ping to 192.168.1.20, as
should all the other names we added. The hosts file is an alternative
to DNS for name resolution and gives us what we need to check the host
headers before we get the DNS entries correct.

Now, in the IIS management console, choose web site A and right click
on it. Choose Properties. On the web site tab, make sure the IP
adrress for the site is 192.168.1.20, TCP Port 80. Clcik the Advanced
button, and under multiple identities for this site, click Add.

Adding the identities, use the same IP address and port fo all the
identities on both sites, 192.168.1.20 and port 80. For the first
host header value on site A, use "www.a.com". Clcik Okay and you have
one identity. Click Add again, and add the identity with the host
header of "a.com". Now you have two identities for the same site, and
a request to http://www.a.com/ or just http://a.com/ will resolve not
only to the IP address of 192.168.1.20, but also be served by that web
site.

On your second site, site B, do the same exact steps but use
"www.b.com" and "b.com" for the two identities. The IP address is
always the same (we only have one) and the port is always 80 (it will
get handled by your dynamic IP service when we test the exterior use).

Now, from the system with the hosts file on it, open Internet Explorer
and type "http://www.a.com/" in the address bar. You should see the
web page for site A. If you use "http://www.b.com/" you should see
site B. Make sure you have default pages for each site and that they
are different. To test you can use a HTML file that just says:

<html><body><p>Site A</p></body></html>

Site B's page should just say Site B.

Let me know how that works, once that's working we'll wok on getting
the external access resolved. If you don't mind posting the real
domain names I can check external name resolution and tell you wahta
needs to be added/changed.

Good luck.

Jeff

>"Jeff Cochran" wrote:
>
>> On Fri, 25 Mar 2005 16:53:02 -0800, Perpetually perplexed
>> <Perpetuallyperplexed@discussions.microsoft.com> wrote:
>>
>> >No. As soon as I add ANY host header I cannot get any site to work. I've
>> >assigned each site a different ip w/no header. Thereby only allowing me to
>> >hit each site w/the ip; internally only.
>>
>> Ah. First, assign both to one IP. The IP that is routed to from your
>> single external IP. With separate IP addresses you wouldn't need a
>> host header, and one external IP can't be routed to two internal IP
>> addresses.
>>
>> Now, where is your DNS for these sites? Is it at your ISP or do you
>> maintain it? We need to set up name resolution that's available to
>> you as well as external, to resolve the name to the IP address. Once
>> that's done, we'll assign host headers matching those names.
>>
>> Jeff
>>
>>
>> >"Jeff Cochran" wrote:
>> >
>> >> On Fri, 25 Mar 2005 13:29:03 -0800, Perpetually perplexed
>> >> <Perpetuallyperplexed@discussions.microsoft.com> wrote:
>> >>
>> >> >Just wondering...If I gave you remote access via XP's virtual desktop could
>> >> >you look and get a better idea?
>> >>
>> >> I prefer not to, but it's nothing personal. Plus. I'm pretty sure you
>> >> can work this out with some help.
>> >>
>> >> First, do you have the host headers working from any workstations at
>> >> all or does the second site always pull up the first no matter where
>> >> you browse from? And second, there is a single IP on the system,
>> >> correct? It can be an internal IP and your router translates the
>> >> external to that internal IP, you said you had 192.168.x.x IP
>> >> addresses.
>> >>
>> >> Jeff
>> >>
>> >>
>> >> >I'm firing blanks.
>> >> >
>> >> >"Jeff Cochran" wrote:
>> >> >
>> >> >> On Fri, 25 Mar 2005 11:05:06 -0800, Perpetually perplexed
>> >> >> <Perpetuallyperplexed@discussions.microsoft.com> wrote:
>> >> >>
>> >> >> >Yea, I've used that article to no avail. Do I need both headers AND internal
>> >> >> >ip's? Cause whenever I assign a header w/an ip I cannot do an internal
>> >> >> >browse. Only when I remove the header can I browse. Is there an ASCII file
>> >> >> >somewhere that the site wizard writes that I can check?
>> >> >>
>> >> >> Host headers simply direct the browser to the appropriate site based
>> >> >> on the host information in the HTTP header. The problem with them is
>> >> >> that if there is no host header matching the HTTP header, then it goes
>> >> >> nowhere.
>> >> >>
>> >> >> One solution is to add any valid host information that might show in
>> >> >> the HTTP header as an additional identity in the host headers for the
>> >> >> site. That includes the IP address if you might browse by IP,
>> >> >> internal or external, and even "localhost" and 127.0.0.1 if you might
>> >> >> use those.
>> >> >>
>> >> >> Another solution is configuring your internal DNS to resolve the host
>> >> >> name to the internal IP, while the external DNS resolves to the
>> >> >> external IP. The host header is the same, you're just hitting a
>> >> >> different IP address.
>> >> >>
>> >> >> The thrid way is to use a router or firewall that allows you to browse
>> >> >> the external IP from the internal interface. This depend son the
>> >> >> router/firewall and NAT configuration as to whether it's even
>> >> >> possible.
>> >> >>
>> >> >> Jeff
>> >> >>
>> >> >>
>> >> >>
>> >> >> >"Jeff Cochran" wrote:
>> >> >> >
>> >> >> >> On Fri, 25 Mar 2005 07:33:01 -0800, Perpetually perplexed
>> >> >> >> <Perpetuallyperplexed@discussions.microsoft.com> wrote:
>> >> >> >>
>> >> >> >> >
>> >> >> >> >So far so good...I have regestered both aaa.net and bbb.net, created host
>> >> >> >> >headers aaa.net and bbb.net, created root directories, and assigned static,
>> >> >> >> >internal(192.168.x.x) ip's. But i am still directed to the default web site
>> >> >> >> >while using either aaa.net or bbb.net from outside.
>> >> >> >>
>> >> >> >> Then your headers may not be configured correctly. See:
>> >> >> >>
>> >> >> >> HOW TO: Use Host Header Names to Configure Multiple Web Sites in
>> >> >> >> Internet Information Services 6.0:
>> >> >> >> http://support.microsoft.com/?id=324287
>> >> >> >>
>> >> >> >> Jeff
>> >> >> >>
>> >> >> >> >"Leythos" wrote:
>> >> >> >> >
>> >> >> >> >> On Fri, 25 Mar 2005 06:31:02 -0800, Perpetually perplexed wrote:
>> >> >> >> >> >
>> >> >> >> >> > I am trying to host 2 sites on my 2003 web edition server. I cannot
>> >> >> >> >> > access anything but the default site from outside the network. After
>> >> >> >> >> > reading similar posts I concluded I need to set up an internal DNS
>> >> >> >> >> > server. How would I create the appropriate zones using the names aaa.net
>> >> >> >> >> > and bbb.net? I only have one ip address to use. Thanks in advance.
>> >> >> >> >>
>> >> >> >> >> From the outside you need a PUBLIC DNS record for each sites name - if you
>> >> >> >> >> have aaa.net then you need a public domain name called aaa.net that points
>> >> >> >> >> to the single public IP of your network, same with bbb.net, a public DNS
>> >> >> >> >> record for it too - same IP.
>> >> >> >> >>
>> >> >> >> >> On the web server, you need to create a root site for each site, a aaa.net
>> >> >> >> >> and a bbb.net and then use HOST HEADER information to differentiate site
>> >> >> >> >> aaa from bbb. I usually set the HH to allow aaa.net, www.aaa.net, and then
>> >> >> >> >> the other one to bbb.net and www.bbb.net.
>> >> >> >> >>
>> >> >> >> >> For internal resolution of the web domains, you might want to setup and
>> >> >> >> >> Internal DNS server or use a HOSTS file. I manage about 100 websites on a
>> >> >> >> >> couple servers and we use an internal DNS server with the domain names and
>> >> >> >> >> their subs and point to their INTERNAL IP addresses so that internal users
>> >> >> >> >> can access them, our firewall would not allow them to access from inside
>> >> >> >> >> the LAN through to the DMZ with a public IP natted to a private IP.
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >> >> --
>> >> >> >> >> spam999free@rrohio.com
>> >> >> >> >> remove 999 in order to email me
>> >> >> >> >>
>> >> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >> >>
>> >>
>> >>
>>
>>