Re: DNAT based on domain name instead of IP address

Glen Lee Edwards <glen@xxxxxxxxxxx> writes:

> I have several domains that use the same IP address.  Can I DNAT them to
> different servers based on domain name instead of IP address using
> iptables?  I've tried the following, but it isn't working:
>
> iptables -t nat -A PREROUTING -p tcp -d 1st.domain.com --dport 80 -j
> DNAT --to-destination 192.168.1.12:80
>
> iptables -t nat -A PREROUTING -p tcp -d 2nd.domain.com --dport 80 -j
> DNAT --to-destination 192.168.1.13:80
>
> Everything is being forwarded to 192.168.1.12 no matter which domain is
> used.  It appears that the domains are first being translated into the
> IP address, which is used instead.

TCP packets know nothing of DNS ... an application will 1) look up the name at
a DNS server, 2) retrieve the IP from the DNS server, and 3) connect to the IP
address.

Apache can do virtual domains ... HTTP 1.1 requires that you specify the
domain name.

- Erik
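The Host header Erik points to is the only place the domain name appears on the wire once DNS has done its work, which is why a layer-7 front end (Apache name-based virtual hosts, or any reverse proxy) can route by name and an iptables `-d` match cannot. As an added example, not from this thread: the routing decision such a front end makes, in Python, using the two backend addresses from the question; the host-to-backend table itself is an assumption.

```python
# Hypothetical routing table: server name -> (backend IP, port).
# The backend addresses are the ones from the question.
BACKENDS = {
    "1st.domain.com": ("192.168.1.12", 80),
    "2nd.domain.com": ("192.168.1.13", 80),
}


def host_header(raw: bytes):
    """Return the Host value (lower-cased, port stripped) from a raw
    HTTP request head, or None when it is absent (HTTP/1.0 clients may
    omit it) or appears more than once (ambiguous; refuse to guess)."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    values = []
    for line in head.split(b"\r\n")[1:]:        # skip the request line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            values.append(value.strip())
    if len(values) != 1:
        return None
    host = values[0].decode("ascii", "replace").lower()
    if host.startswith("["):                    # IPv6 literal: keep the brackets, drop ":port"
        return host.split("]", 1)[0] + "]"
    return host.split(":", 1)[0]                # "example.com:8080" -> "example.com"


def select_backend(raw: bytes):
    """Pick the backend for one request. Unknown or missing Host -> None;
    a real proxy should answer 400/421 here rather than fall back to a
    default server, which is the behaviour the question describes."""
    host = host_header(raw)
    if host is None:
        return None
    return BACKENDS.get(host)


if __name__ == "__main__":
    # Constructed sample requests; the destination IP of both would be identical.
    for req in (b"GET / HTTP/1.1\r\nHost: 1st.domain.com\r\n\r\n",
                b"GET / HTTP/1.1\r\nHost: 2nd.domain.com:80\r\n\r\n",
                b"GET / HTTP/1.0\r\n\r\n"):
        print(req.split(b"\r\n")[1] or b"(no Host)", "->", select_backend(req))
```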


