H-Sphere Documentation Sysadmin Guide

For more information contact us at info@psoft.net

NAT Support
 

In versions 2.2 and higher, H-Sphere supports NAT (Network Address Translation), which allows you to use internal IPs in your local area network. When configuring H-Sphere, use internal IPs in all instances, and H-Sphere will convert them into external IPs for the DNS settings and control panel web interface.

To configure NAT, you need to create the ips-map.xml file in the ~cpanel/shiva/psoft_config/ips-map.xml directory with the content similar to the following:

<ips>
    <ip ext="65.219.197.236" int="192.168.1.27"/>
    <ip ext="65.219.197.237" int="192.168.1.28"/>
    <ip ext="65.219.197.238" int="192.168.1.29"/>
    <ip ext="65.219.197.239" int="192.168.1.30"/>
    <ip ext="65.219.197.242" int="192.168.1.31"/>
    <ip ext="65.219.197.243" int="192.168.1.32"/>
    <ip ext="65.219.197.244" int="192.168.1.33"/>
</ips>

Note: In order for H-Sphere and NAT to work with osCommerce, phpBB, and SiteStudio and for custom scripts to access hosts by domain name, you need to configure your NAT firewall so that your physical servers can address themselves both by external and internal IPs. Alternatively, if you have RedHat Linux running on all servers, you can add the following rule to the iptables for each IP pair on every single box:
iptables -t nat -A OUTPUT -p tcp -d <external> -j DNAT --to <internal>, for example:

    iptables -t nat -A OUTPUT -p tcp -d 65.219.197.236 -j DNAT --to 192.168.1.27
    iptables -t nat -A OUTPUT -p tcp -d 65.219.197.237 -j DNAT --to 192.168.1.28
    iptables -t nat -A OUTPUT -p tcp -d 65.219.197.238 -j DNAT --to 192.168.1.29
    iptables -t nat -A OUTPUT -p tcp -d 65.219.197.239 -j DNAT --to 192.168.1.30
    iptables -t nat -A OUTPUT -p tcp -d 65.219.197.242 -j DNAT --to 192.168.1.31
    iptables -t nat -A OUTPUT -p tcp -d 65.219.197.243 -j DNAT --to 192.168.1.32
    iptables -t nat -A OUTPUT -p tcp -d 65.219.197.244 -j DNAT --to 192.168.1.33

Also, create the following record in the file ~cpanel/shiva/psoft_config/hsphere.properties:
IPS-XML-FILENAME = /hsphere/local/home/cpanel/shiva/psoft_config/ips-map.xml

To disable NAT support, it will suffice to remove this line from hsphere.properties and restart the CP.

For IP migration with NAT, see the guide on changing IPs.


Home   Products   Services   Partners   Support   News   Contact   Forum
© Copyright 1998-2003. Positive Software Corporation.
All rights reserved.