Topic: LAMP server behind SME server.

[tropicalview]

Hi All,

I have a SME server in gateway mode at a school.
they have now assigned a student project to build an LAMP server (like http://www.howtoforge.com/perfect-server-ubuntu-9.10-ispconfig-3) and create 2 websites.
surely they want to put the server online and place 2 domains on it with web, ftp and e-mail.

the problem is that the SME server is already using the ports for these services, is there any way of (port) forwarding to the other server in the private network of the SME (actual a vmware machine on the same machine)

Hope someone can give my a good idea or tip.
Have a nice weekend and happy Halloween!!!

[arne]

Yes and no, and yes again, but this might be, in some way, more a Vmware question than a SME server question. I have done simular things many times, but how to do it will vary with how things are set up.

Is the SME server the gateway and the Vmware host system, or is it an other operation system that is the host system with the SME server and the Ubuntu as guests ? Is the virtual ubuntu a part of the logical lan network ip range ? (Same subnett, and virtual lan bridged over to physical lan ?)

I guess it is the first setup, the SME is the host, and I also guess that that it is not possible to forward port 80 to a internal virtual server.

But actually, I think there is a method that could work for such a student project:

You just use the virtual server or a lan server on a port that the sme server does not use, lets say tcp port  81,82,83,84 or 85.

In the Ubuntu server somwhere under /etc/ there is a file or something named httpd.conf (As far as I remember.)

Inside this file there is a statement that specifies the Ubuntu/Apache web servers port number. This port number can be changed to allmost any value you like.

Then set the Ubuntu/Apache to lets say port 81.

Then it should be possible to use the standard SME server portforwarding mechanism to forward port 81 to the virtual server.

From the outside it should be possible to address the virtual server like this: http://123.123.123.123:81 (or http://www.yourdomain.com:81 )

If the students like to se the web page with their own free domain and without the need of specifying port 81 they can only use a html frame and run http://123.123.123.123:81 inside a big frame, using a free domain name that use this method, like dot tk.

No, it is not my webpage, it is just an excample that I found by coinsidence: http://www.arne.tk/

The standard sme portforwarding configuration setup is under server-manager, Security, port forwarding. It should be just to forward port 81.

[arne]

I'm not sure where Ubuntu 9.10 has its httpd configuration file, but I wonder if this information can be used:

https://help.ubuntu.com/9.04/serverguide/C/httpd.html

If the idea of using an alternative tcp port for the virtual server, question can also be asked in Ubuntu forum.

[tropicalview]

Hi Arne,

thank you for your replies.
they have put me to think some deeper than before.

I decided to test this setup:

I asked my ISP to provide one more Public IP address, and i will put the vmware bridged over the wan port.
then i have a complete stand alone server for this.

I will update you if the project has started and we have proof of this concept.

Kind regards,

[arne]

If the SME server runs "at the bottom" as the host system, then there would be one situation, with a certain number of ways that things can be done. The important question will then be: "How will the vmware bridge or nat and the SME server nat relate to each other", and "when a packet arrives from the outside, what will it meet first the wmware bridge or the SME server nat ?"

If there is another system running "at the bottom" as the host system (I use Centos 5 64 as host system myself) and the SME server is only a guest system (but then it might normally be a server-only installation), then the situation would be a bit different and more easy to handle, I believe.

As I am running it I use Centos 5 64, as mentioned as host, then Vmware server, then a virtual NAT gateway that is a Smoothwall installation, and then on a virtual lan behind the virtual gateway, virtual sme servers and other servers as required.

With this setup you are completely free to change the port forwarding via the Vitual Smoothwall installation as you like.

The external port 80 can be forwarded to any virtual servers and this arrangement can be changed in one minute via the Smoothwall admin panel.

Also other gateway distros like Monowall works perfect as such a "Virtual gateway".

You can also be free to forward to a virtual server on virtual lan or dmz or physical server on lan.

I expected there to be some kind of instability in such a setup, but there is not. (One year 24/7 no bugs, no instability.)

In such a setup it will not be "LAMP server behind SME server" but "SME server side by side by other Linux server", and "Common internet connection managed by Smoothwall".

Arne.

[Stefano]

Hi All,

I have a SME server in gateway mode at a school.
they have now assigned a student project to build an LAMP server (like http://www.howtoforge.com/perfect-server-ubuntu-9.10-ispconfig-3) and create 2 websites.
surely they want to put the server online and place 2 domains on it with web, ftp and e-mail.

the problem is that the SME server is already using the ports for these services, is there any way of (port) forwarding to the other server in the private network of the SME (actual a vmware machine on the same machine)

Hope someone can give my a good idea or tip.
Have a nice weekend and happy Halloween!!!

I think that you should read this

HTH

[arne]

This is bether than the alernative port 81 solution but "the full vmware solution" will also give e-mail and ftp, and also all other ports and protocols as well. There should be a few alternatives now.