{"id":251,"date":"2014-08-25T17:54:54","date_gmt":"2014-08-25T17:54:54","guid":{"rendered":"https:\/\/carminebufano.com\/?p=8"},"modified":"2021-02-25T13:19:51","modified_gmt":"2021-02-25T18:19:51","slug":"how-to-configure-many-web-servers-behind-one-public-ip","status":"publish","type":"post","link":"https:\/\/carminebufano.com\/index.php\/2014\/08\/25\/how-to-configure-many-web-servers-behind-one-public-ip\/","title":{"rendered":"How to self host many web servers with different domains & URLs with one public IP"},"content":{"rendered":"

There are scenarios where you only have one public ip address but want to host many domains, each on their own dedicated virtual or physical server.\u00a0 For instance you may want to host several different WordPress sites from your home using several old computers from circa 1998 you found in a closet sitting ontop of a stack of Zip drives, and your trusty.. OK, well.. semi-trusty home internet connection. \u00a0 I did some online digging and was shocked to find that most people, even many experts claim that this is not possible.\u00a0 This is absolutely possible!\u00a0 I will show you how!\u00a0 First, before we begin, the regular old disclaimer applies here.\u00a0 I’m not claiming this is the only, best, or even correct way to do this.\u00a0 I’m simply explaining the steps I took, and what worked for me.\u00a0 I am not responsible if mid way through, your internet connection zaps you and you wake up back in 1992… OK well with that out of the way.. lets get to the FUN!<\/p>\n

First a diagram!<\/p>\n

\"\"<\/a><\/p>\n

Above on the left is a typical home network.\u00a0 You have the Internet connected router that you most likely received from your ISP.\u00a0 Connected to that router you have all of the devices that make up your home network (not shown) like laptops, pc’s printers, mobile devices etc.<\/p>\n

What we are going to do is set up a linux machine running Ubuntu server 14.04 with two network cards in it.\u00a0 We will then install and configure Pound proxy on this machine (middle of diagram).\u00a0 We will connect the first network card on the machine, labeled “eth0” to the existing home network and assign it a static local ip.\u00a0 The second network card will connect to each of our web servers either through a physical or virtual layer 2 switch.\u00a0 The Ubuntu machine running Pound proxy, (just Pound proxy from now on) and the web servers can be physical or virtual machines and the setup process for each are almost identical, except for when we get to the layer 2 switch between the Pound proxy and the web servers.\u00a0 I will walk through the configuration steps for setting up physical machines, and also virtual machines running on Citrix Xenserver.<\/p>\n

The machine to use as the Pound proxy does not need much power at all. You can get away with 512mb ram, 8gb hard drive, however you do need two network cards installed in the machine.\u00a0 Also connect one of the network cards, preferably the one that the system will recognize as the first network card or “eth0” to your existing home router before you proceed.<\/p>\n

The first step is to install Ubuntu Server 14.04<\/a> on said machine, you can grab an ISO here.\u00a0 <\/a>Simply burn the iso to a disc, place in machine and boot from the disc (if a physical server) or boot your virtual machine from the iso file. I’m not going to go into the details of the install because it is pretty straight forward, like installing any other OS.\u00a0 There are also many good guides<\/a> on installing Ubuntu online as well.\u00a0 A couple of key points are: When the system detects the network devices, it will assign names “eth0” & “eth1” to them, make sure that you plugged the network cable from your router into “eth0” and not “eth1”, if you did plug it into the wrong port, then Ubuntu will fail to set up dhcp on interface eth0. This is no problem, just plug the cable into the other nic and then tab to “try again” and hit enter.<\/p>\n

\"Ubuntu<\/a>

Ubuntu NIC Screenshot<\/p><\/div>\n

When you get to the part of the installation that asks you to choose what software to install on the server make sure only “ssh” is checked, as that is all that we will need.<\/p>\n

\"20140825-114727.jpg\"<\/a><\/p>\n

When installation is done and machine is rebooted, we will boot into the terminal of a fresh Ubuntu Server 14.04.<\/p>\n

Login using the username & password created during the install.<\/p>\n

Commands to type are in white boxes below and can be easily copied and pasted.<\/p>\n

Once logged in lets turn into the root user with the following command.<\/p>\n

\nsudo su
\n<\/pre><\/code>You will be prompted to enter you password.<\/p>\n
At this point we need to hard code a ip address outside of the home routers dhcp range. So if your home router distributes ip’s from a range between 192.168.1.100 and 192.168.1.200 (you will have to log in and check), you will want to hard code a ip address outside of that range. For my machine I am going to use 192.168.1.20. I am also going to configure my router to forward TCP port 80 to 192.168.1.20, this way all http requests will go directly to the Pound proxy.<\/p>\n
Using the nano text editor lets open the network configuration file and configure a static or hard coded ip for both interfaces.<\/p>\n
\nnano \/etc\/network\/interfaces
\n<\/pre><\/code>Modify the section:<\/p>\n
 # The primary network interfaceauto eth0iface eth0 inet dhcp <\/pre><\/code><\/pre>\n
to look like this:<\/p>\n
# The primary network interfaceauto eth0iface eth0 inet staticaddress 192.168.1.20netmask 255.255.255.0gateway 192.168.1.1broadcast 192.168.1.255dns-nameserver 8.8.8.8 8.8.4.4# Pound Back-end Networkauto eth1iface eth1 inet staticaddress 10.0.0.1netmask 255.255.255.0broadcast 10.0.0.255 <\/pre><\/code>Press <CTRL> + X<\/pre>\n
Then “Y” and “enter” to save the file.<\/p>\n
both interfaces are now configured. Now lets activate the second interface that we will connect to the Layer 2 switch and to the Web servers.<\/p>\n
ifup eth1<\/pre><\/code>Lets update the os.<\/pre>\n
apt-get update && apt-get upgrade -y<\/pre><\/code>Install Pound.<\/pre>\n
apt-get install pound<\/pre><\/code>Now, if your on a physical machine at this point you are going to need to plug your second nic into a layer 2 switch. If you do not have one laying around just google \"network switch\" and any will do, chances are your home internet upload speed are very slow, so spending more than $10 - $15 here for something over 100mb\/s is going to be a waste. Unless you are not doing this at home or have a nice upload bandwidth, then by all means, chose what fits you best.\u00a0 Also you are going to need as many ports as you have web servers. So if you plan on running 15 Web Servers you will need a 16 port switch (one for each web server and one for the proxy).<\/pre>\n
Next lets configure Pound.<\/p>\n
Lets say we have two web servers connected to the switch.<\/p>\n
webserver 1 will host abc.com and its ip address is 10.0.0.2<\/p>\n
Webserver 2 will host 123.com and its ip address is 10.0.0.3<\/p>\n
We now want to configure pound so that it listens on eth0, 192.168.1.20 port 80 for incoming http requests.<\/p>\n
Once it receives these requests we want pound to look at the url and filter it so that all requests for abc.com are sent to 10.0.0.2<\/p>\n
and all requests for 123.com are sent to 10.0.0.3<\/p>\n
To do this we edit the following file like so:<\/p>\n
<\/pre>nano \/etc\/pound\/pound.cfg
<\/pre><\/code>edit below the section that starts with:<\/pre>\n
\"## listen, redirect and ... to:\"\u00a0 to look like this:<\/p>\n
<\/pre>ListenHTTP Address 192.168.1.20 Port\u00a0\u00a0\u00a0 80 ## allow PUT and DELETE also (by default only GET, POST and HEAD)?: xHTTP1 Service HeadRequire \"Host: .*abc.com.*\" BackEnd\u00a0 Address 10.0.0.2 Port\u00a0\u00a0\u00a0 80 End End Service HeadRequire \"Host: .*123.com.*\" BackEnd Address 10.0.0.3 Port 80 End EndEnd 
<\/pre><\/code><\/pre>\n
You would repeat this pattern for every server. The only difference is that the final line has one more \"End\" at the end.<\/p>\n
So if you had 100 web server there would be a url pattern and ip address for each host.<\/p>\n
thats it!<\/p>\n
Now restart the pound service for the configuration to take effect.<\/p>\n
<\/pre>service pound restart
<\/pre><\/code>You should now navigate to the url abc.com and the request will be served by the webserver at 10.0.0.2 and you will see the content on that web server.<\/pre>\n
Likewise, if you navigate to 123.com the request will be server by the host at 10.0.0.3<\/p>\n
*Note<\/p>\n
Configure your domain names that you own, to point to you public ip address. This usually involves logging into your account with whomever you bought the domain names from and just configure the dns A file to point to you public ip address.<\/p>\n
Next I will go over this same setup in a Citrix Xenserver environment with virtual networking.<\/p>\n
Also, I will go over standing up a new apache2 web server and lamp stack.<\/p>\n","protected":false},"excerpt":{"rendered":"
There are scenarios where you only have one public ip address but want to host many domains, each on their own dedicated virtual or physical server.\u00a0 For instance you may want to host several different WordPress sites from your home using several old computers from circa 1998 you found in a closet sitting ontop of… Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[11,15],"tags":[17,19,20,21,24,25,27,29,31,32,36,37,38,41,43,44,51,52,53,54],"class_list":["post-251","post","type-post","status-publish","format-standard","hentry","category-ubuntu","category-walkthroughs","tag-apache2","tag-behind","tag-citrix","tag-configure","tag-ip","tag-lamp","tag-many","tag-multiple","tag-one","tag-only","tag-pound","tag-proxy","tag-public","tag-reverse","tag-servers","tag-stack","tag-walkthrough","tag-web","tag-with","tag-xenserver"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":611,"url":"https:\/\/carminebufano.com\/index.php\/2023\/06\/26\/the-dynamic-infrastructure-dilemma\/","url_meta":{"origin":251,"position":0},"title":"The Dynamic Infrastructure Dilemma","author":"Carmine Bufano","date":"June 26, 2023","format":false,"excerpt":"I have about 10 servers, several routers, and 5 enterprise and open switches. I want to rewire all of these things in different configurations frequently. I also want to change the hypervisors that run on the 10 servers. i want to do this the easiest way possible. Remotely. If I'm\u2026","rel":"","context":"In "Walkthroughs"","block_context":{"text":"Walkthroughs","link":"https:\/\/carminebufano.com\/index.php\/category\/walkthroughs\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":374,"url":"https:\/\/carminebufano.com\/index.php\/2020\/11\/12\/cloudron\/","url_meta":{"origin":251,"position":1},"title":"CLOUDRON","author":"Carmine Bufano","date":"November 12, 2020","format":false,"excerpt":"CLOUDRON is a platform that makes it easy to run and maintain web apps on your server. Save $30 with this Referral Code: 61ea681e4f5547a5 https:\/\/www.cloudron.io\/ cloudron.io This software automates your domains dns when creating sub domains. It automatically takes care of TLS and SSL certificates through Let\u2019s encrypt\u2019s https:\/\/letsencrypt.org API.\u2026","rel":"","context":"In "Walkthroughs"","block_context":{"text":"Walkthroughs","link":"https:\/\/carminebufano.com\/index.php\/category\/walkthroughs\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":592,"url":"https:\/\/carminebufano.com\/index.php\/2022\/12\/17\/how-to-manually-remove-vmware-nsx-t-components-from-an-esxi-host\/","url_meta":{"origin":251,"position":2},"title":"How to Manually Remove VMware NSX-T Components from an ESXi Host","author":"Carmine Bufano","date":"December 17, 2022","format":false,"excerpt":"A lab is very dynamic by nature. In stark contrast, data center infrastructure is engineered to be as static as possible once it is configured. So naturally when you have a data center lab you it's only a matter of time before you come across weird anomalies just from the\u2026","rel":"","context":"In "Walkthroughs"","block_context":{"text":"Walkthroughs","link":"https:\/\/carminebufano.com\/index.php\/category\/walkthroughs\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":829,"url":"https:\/\/carminebufano.com\/index.php\/2025\/12\/26\/how-to-get-real-public-ip-addresses-at-home-lab-wireguard-ip-transit-complete-guide\/","url_meta":{"origin":251,"position":3},"title":"How to Get Real Public IP Addresses at your Home Lab: WireGuard IP Transit Complete Guide","author":"Carmine Bufano","date":"December 26, 2025","format":false,"excerpt":"A Complete Guide to why Core Transit's WireGuard IP Transit Service is so incredibly awesome for you lab Bypassing CG-NAT with style - a detailed technical walkthrough The Problem: CG-NAT Hell If you're reading this, you probably know the pain. Your ISP puts you behind Carrier-Grade NAT (CG-NAT), which means:\u2026","rel":"","context":"In "Walkthroughs"","block_context":{"text":"Walkthroughs","link":"https:\/\/carminebufano.com\/index.php\/category\/walkthroughs\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":733,"url":"https:\/\/carminebufano.com\/index.php\/2024\/12\/30\/automating-vmware-network-changes-how-i-turned-hours-of-clicking-into-a-5-minute-powercli-script\/","url_meta":{"origin":251,"position":4},"title":"Automating VMware Network Changes: How I Turned Hours of Clicking into a 5-Minute PowerCLI Script","author":"Carmine Bufano","date":"December 30, 2024","format":false,"excerpt":"Have you ever stared down the barrel of endless repetitive clicks in VMware vSphere, knowing you're in for hours of mindless work? Recently, I faced a scenario where I needed to update hundreds of virtual NICs across just as many virtual machines. Manual changes would have been soul-crushing, so I\u2026","rel":"","context":"In "Programming"","block_context":{"text":"Programming","link":"https:\/\/carminebufano.com\/index.php\/category\/programming\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2024\/12\/3DvSphere-1.jpg?fit=1024%2C1024&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2024\/12\/3DvSphere-1.jpg?fit=1024%2C1024&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2024\/12\/3DvSphere-1.jpg?fit=1024%2C1024&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2024\/12\/3DvSphere-1.jpg?fit=1024%2C1024&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":857,"url":"https:\/\/carminebufano.com\/index.php\/2026\/04\/20\/ovn-integration-coexistence-on-xenserver-and-xcp-ng\/","url_meta":{"origin":251,"position":5},"title":"OVN Integration & Coexistence on Xenserver and XCP-ng","author":"Carmine Bufano","date":"April 20, 2026","format":false,"excerpt":"Research on multi hypervisor network virtualization using Open Virtual Network Summary The cleanest technical path is not to bolt a foreign br-int onto a host that already has its networking lifecycle owned by XAPI. The safer pattern is to let XAPI create and own a dedicated internal network bridge, then\u2026","rel":"","context":"In "CentOS"","block_context":{"text":"CentOS","link":"https:\/\/carminebufano.com\/index.php\/category\/centos\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_shortlink":"https:\/\/wp.me\/p70MUT-43","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/posts\/251","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/comments?post=251"}],"version-history":[{"count":2,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/posts\/251\/revisions"}],"predecessor-version":[{"id":459,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/posts\/251\/revisions\/459"}],"wp:attachment":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/media?parent=251"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/categories?post=251"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/tags?post=251"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}