DNS and internal routing

Ok, here is my wish:

I have a DSL connection with a static IP and a domain name with which I
can edit the DNS entries of.

I have setup an A record and an MX record for home.mydomain.com to
point to my DSL connection's static IP.

On my internal network I have 3 machines. What I would like to be able
to do is create subdomains of home.mydomain.com based on my (ie
internal1.home.mydomain.com, internal2.home.mydomain.com etc..) and
have one of my internal machines receive all incoming traffic and route
traffic to the other internal machines based on the incoming domain
being used.

For example:

internal1.home.mydomain.com recieves all traffic for home.mydomain.com
and subdomains. If I ssh to internal3.home.mydomain.com,
internal1.home.mydomain.com recognises this and routes the traffic
through to internal3.home.mydomain.com

I realise that I can just do this with NAT for specific ports, but
would for the sake of learning, I would also like to learn how to do
this by machine name.

If somebody could point me in the direction of what I should be
learning to acheive this, I would be very appreciative.

Thanks
Scottatron

"Scottatron" <scottatron@gmail.com> écrivait
news:1139650730.511454.219880@g14g2000cwa.googlegr oups.com:

> I realise that I can just do this with NAT for specific ports, but
> would for the sake of learning, I would also like to learn how to do
> this by machine name.

If you have the same IP for all your sub-domain , you can't do that at a
TCP/IP only level. Because the hostname is not send in the TCP/IP
connection.

Except in the upper protocol level. For example, the HTTP protocol send
the request hostname in the http header (fiels HOSTNAME=<domaine or
subdomain requested>).

This is not the case in the ssh protocol. It only open a port (default=
22).

So you can't do that with "simple" routing services. Netfilter can't
solve this problem.

In the case of http, you even have t install a "redirector" (heartbeat,
or squid or apache in proxy mode) that analyse the http header to connect
to the right internal server.


Regards

Thanks Antoine

I figured that might be the case.

So am I correct in saying that I could do this if I had more than one
external IP address? And in that case I would use IPTables?

Scott

"Scottatron" <scottatron@gmail.com> écrivait news:1139700715.148701.326280
@o13g2000cwo.googlegroups.com:

> Thanks Antoine
>
> I figured that might be the case.
>
> So am I correct in saying that I could do this if I had more than one
> external IP address? And in that case I would use IPTables?

Yes, you are correct.


Regards