I have to apologize for the site problems today. I’ve been installing a new network firewall/hub, and encountering any number of irritating problems along the way.
Right at the moment I can’t get any of my virtual hosts to work. If you expected to go to the Dawn of Asgard or Solstice sites and are reading this instead, thats why. I hope to have things figured out shortly, but for the moment, things are sumewhat fubar’d.
I am close now to having all three sites working in their entirety. The main part of the problem regarding getting my named virtual hosts to work boiled down to the fact that the server now has two IP “faces”. One, on my internal LAN with a non-routable IP address, and a second, on the Internet, with a routable IP address that is NAT’d with the internal address.
The HTTP server was basically skipping over my VHost settings because it was not resolving to the host name I had used to define them.
I’m currently looking into the fact that Telus, my ISP, apparently doesn’t permit one to one network address translation (NAT). Every IP address with Telus apparently has to resolve to a unique MAC address, The way I understand it, a one to one NAT resolves multiple IP addresses to a single MAC address (the MAC address of the router). The router then manages directing the traffic to the correct translated internal address.
If I’m right and Telus’ method for allocating IP addresses one to one to unique MAC addresses “breaks” one to one NAT, I may be looking for a new ISP shortly…
Sigh…well, after about 10 hours of trying, I couldn’t get my Linux server to stay visible/connected behind the firewall. So, for the moment, its back out in my DMZ. I’m grasping at straws as to why…the server has an older NIC, and maybe it doesn’t play well with the newer switching routers? It seems to work just fine on the DMZ hub…and if I try the same basic firewall configuration settings but with Apache running on my Windows XP box, it seems to work fine…go figure.
I’ve checked most of the obvious things: the Linux box isn’t running iptables, its routing seems right when its behind the firewall. Doubly odd is the fact that when its behind the firewall, half the time I can’t even connect to it via the LAN.