Changes

Jump to: navigation, search

OPS335 Web Server Lab

255 bytes added, 16:00, 7 January 2013
Updated to Fedora 17
[[Category:OPS335]][[Category:OPS335 Labs]]
==Basic Apache (Web Server) Setup==
This lab will show you how to set up the Apache Web server using a Fedora 16 17 installed PC.
{{Admon/important|Prerequisites|
Your hard drive should have Fedora 1617, 64 bit Live edition already installed.<br />You have Fedora 1617, 64bit version on VM01, VM02, and VM03
Both your host and all VMs should have SELinux enabled.<br />
Both host and all VMs should have all software updated.<br />
systemctl enable httpd.service
* Using a text browser such as lynx on vm01 go to localhost. You should get the "Fedora Test Page" which indicates your web server is running on the local virtual machine.
*backup your existing iptables rules on vm01.and ensure it meets the following conditions:**Add a rule to allow Allow all packets "to" and "from" the loop back interface "lo".**Add a rule to allow Allow NEW connections to your ssh server and httpd.**Add a rule to allow Allow all RELATED and ESTABLISHED connections.**Change the The default policy on the INPUT chain is set to DROP.*Using Firefox on the <b>host</b> go to address for vm01 "192.168.X.2" (your ip addressing may differ). You should get the "Fedora Test Page" which indicates you can access your web server on VM01 via network connection. Do not continue until this step works. (You may **Once you have to adjust this working, save your firewall settings on VM01iptables.)
*You should also be able to open the webpage using the hostname of vm01.
*Now create your <b>own </b> test page named index.html and put it into directory /var/www/html/. This does not have to anything fancy, just a basic html page with enough content for you to recognize it as your own. Reload the web page on the host - you should see your own test page now.
*Repeat the above steps for vm03.
*Now, as root on f16 f17 (the gateway/host), try to forward incoming http connections to your host to the web server on vm01. Use an iptables command something like this
iptables -t nat -A PREROUTING -i *yourinterface* -p tcp --dport 80 -j DNAT --to 192.168.X.2
*You will also need to create a rule in the FORWARD chain in the default table to accept connections to port 80.
vi /etc/httpd/conf/httpd.conf
*Change your firewall rules on vm01 (and also vm03) to allow connections to this port (8080), and remove the previous rule to allow connections to port 80.
*Restart the apache server on vm01 and vm03 (this may take a minute).*Go back to f16 f17 and redo your iptables command to forward connections to port 80 (on your host) to the new port 8080 on vm01, removing the previous rule for port 80.
*Verify that other students on their PCs can still view your web page.
=== Load balancing using iptables ===
*Iptables can be used for load balancing connections. On your host machine add a rule(s) to the PREROUTING chain that will alternate connections bound for port 80 on your host machine to vm01 and vm03(remove the other rules you just created before doing this).
iptables -t nat -I PREROUTING -p tcp --dport 80 -m state --state NEW -m statistic --mode nth --every 2 --packet 1 -j DNAT --to-destination 192.168.X.4:8080
iptables -t nat -I PREROUTING -p tcp --dport 80 -m state --state NEW -m statistic --mode nth --every 2 --packet 0 -j DNAT --to-destination 192.168.X.2:8080
* Edit your forward look-up zone file and add the following resource records.
** A mail record that points to vm02.
** Aliases Alases as follows:***f16 f17 - alias router
***vm02 - alias mail
***vm01 - alias www1
932
edits

Navigation menu