October 1, 2020

Stelmaszyk.dev

Personal Page – knowledge, hobby, passion

Networking solutions

Different ports, different pages. Of course, it is possible inside of one server, but I did something more. Just to get better efficiency.

Key = Virtualization

As I mentioned in “Server made from second-hand parts“, I am virtualizing servers that handle this page and some others.

This page is working an small Virtual Machine with 1vCore, 1GB RAM and 20GB SSD Memory…..

If you’ll decide to visit “Cloud Storage“, you will be forwarded to another Virtual Machine with parameters:
> 2vCore
> 4GB RAM
> 30GB SSD for System
> 300GB HDD for Storage
> 300GB NFS Disk for Backups
> Debian 10 “Buster”

Port 88/89?

Thanks for scanning 😀 This is another server with Community version of OpenProject Application for Project Management. Same SSL certificate everywhere!

How did you do that?

Everything is based on Firewall (iptables), OpenVPN, Port Forwarding and NATing.
Every Virtual Machine has its own IP in internal VPN (e.g. 10.77.37.4) and whole traffic is being forwarded to the corresponding port, for example:
> You are connecting to my domain on port 8443
> Firewall recognizes, that you are connecting to port 8443
> Port forwarding is configured on server you are connecting to
> Firewall redirects your query to corresponding Virtual Machine on port that is assigned.

SEE EXAMPLE BELOW

#HTTP/HTTPS to WWW SRV
iptables -t nat -A PREROUTING -p tcp -m tcp –dport 80 -j DNAT –to-destination 10.77.37.4:80 iptables -t nat -A PREROUTING -p tcp -m tcp –dport 443 -j DNAT –to-destination 10.77.37.4:443