Difference between revisions of "Ubuntu Virtual Servers"
Perspectoff (talk | contribs) (→Using virtual hosts for the Ubuntu server) |
Perspectoff (talk | contribs) (→Using virtual hosts for the Ubuntu server) |
||
Line 12: | Line 12: | ||
== Using virtual hosts for the Ubuntu server == | == Using virtual hosts for the Ubuntu server == | ||
Most large networks will have more than one server listening for SSH connections. In general, I recommend merely [[Changing_the_Astronaut_SSH_port|changing the SSH port]] number for the VistA server and forwarding that port to the VistA server. Then the configuration is simple. The URL used for SSH will be the same URL that is used for the entire LAN. | Most large networks will have more than one server listening for SSH connections. In general, I recommend merely [[Changing_the_Astronaut_SSH_port|changing the SSH port]] number for the VistA server and forwarding that port to the VistA server. Then the configuration is simple. The URL used for SSH will be the same URL that is used for the entire LAN. | ||
+ | |||
+ | If you have multiple SSH hosts on your network (e.g. for multiple VistA servers), then each SSH host will need to have a unique port. | ||
+ | |||
+ | Each host will need to have its unique SSH port specified in the sshd-config file found in the /etc/ssh folder on that host. The router will have the job of forwarding each port appropriately. | ||
+ | |||
<!--->However, you can also have a unique URL for the exclusive use of your VistA Server. It would also be associated with the (WAN) IP address of your LAN (/router), but within the LAN it would advertise itself as the server to which ant traffic sent to that unique URL should be forwarded. | <!--->However, you can also have a unique URL for the exclusive use of your VistA Server. It would also be associated with the (WAN) IP address of your LAN (/router), but within the LAN it would advertise itself as the server to which ant traffic sent to that unique URL should be forwarded. | ||
Revision as of 04:39, 3 March 2010
The idea is to use a URL (such as www.exampledomain.org or vistaserver1.exampledomain.org) for your site (that is registered on an Internet DNS (Domain Name Server)) to access the VistA server, instead of using the actual IP address of the server. Most configurations involve a LAN, and usually the registered URL will point not to the (LAN) IP address of the VistA server itself (within the LAN), but to the (WAN, or Internet) IP address of the router. Therefore, communications arriving at the router must be forwarded from the router (connected to the Internet) to the server (within the LAN) properly.
NAT
Consumer-grade routers generally use NAT port-forwarding to send traffic that arrives at the router to a specific server within the LAN (such as the one hosting the VistA server). Certain types of traffic can be designated as flowing over "ports" and (in the simplest scenario) a specific server can be designated as the destination on the LAN to which all the traffic over a specific port will be sent.
Your router's configuration utility (often accessible from a web browser) allows you to configure "NAT port forwarding" so that traffic arriving at a certain port (such as port 22) will be "forwarded" to a specific server on the LAN (which will have its own unique IP address within the LAN).
With Astronaut, all communications are sent through a secure SSH tunnel. By convention, SSH communications are usually sent on port 22 (but that can be changed). If you only have one SSH server on your LAN, using port 22 will be fine. However, if there are more than one SSH servers on your LAN, or if you want a modicum of greater security, then a different port can be used for SSH.)
Make sure the firewall (if any) on the Ubuntu Server OS (in which the VistA server is installed) does not block port 22 (or whichever port you have decided to use for SSH traffic)!
Using virtual hosts for the Ubuntu server
Most large networks will have more than one server listening for SSH connections. In general, I recommend merely changing the SSH port number for the VistA server and forwarding that port to the VistA server. Then the configuration is simple. The URL used for SSH will be the same URL that is used for the entire LAN.
If you have multiple SSH hosts on your network (e.g. for multiple VistA servers), then each SSH host will need to have a unique port.
Each host will need to have its unique SSH port specified in the sshd-config file found in the /etc/ssh folder on that host. The router will have the job of forwarding each port appropriately.