Multiple Websites on One computer through two NIC cards

Hello,

I am hoping that there is a solution to this question. I have two routers.
Each router has an WAN address that I want to point to my web server. On my
webserver, I have two NIC cards 1 for reach website and WAN router.

Router 1 points to NIC one and uses port forwarding to forward it to the
webserver. IIS is configured for website one to use NIC one. Router 2
points to NIC 2 and uses port forwarding on port 80 to the same webserver.
Again IIS is configured for another website using NIC 2.

Now, the problem. I can access website one just fine because my default
gateway points back to router one, however I can access website 2 through
NIC, router 2 at all. But if I change the default gateway of NIC one, to
the router 2, then I can access website 2 through NIC 2, router 2. But then
I can no longer access website one through NIC.

Now, if IIS is suppose to be able to work with multiple NICS and multiple
Sites, why can't I get it to work. I tried to set a default gateway on each
NIC card but that didn't work either.

Any ideas and suggestions would be appreciated. The two websites are
different domain names. One is for my company and the other is for the
wifes personal website for family.

Thanks,

James

James Williams wrote:
> I am hoping that there is a solution to this question. I have two routers.
> Each router has an WAN address that I want to point to my web server. On my
> webserver, I have two NIC cards 1 for reach website and WAN router.
>
> Router 1 points to NIC one and uses port forwarding to forward it to the
> webserver. IIS is configured for website one to use NIC one. Router 2
> points to NIC 2 and uses port forwarding on port 80 to the same webserver.
> Again IIS is configured for another website using NIC 2.
>
> Now, the problem. I can access website one just fine because my default
> gateway points back to router one, however I can access website 2 through
> NIC, router 2 at all. But if I change the default gateway of NIC one, to
> the router 2, then I can access website 2 through NIC 2, router 2. But then
> I can no longer access website one through NIC.
>
> Now, if IIS is suppose to be able to work with multiple NICS and multiple
> Sites, why can't I get it to work. I tried to set a default gateway on each
> NIC card but that didn't work either.


That's an IP routing issue, it's nothing to do with IIS or Windows or
the number of NICs. You'd have the same problem using Apache on Linux,
for example.

Why do you need the traffic for each site coming through a specific
router? Why not just have one router, one NIC and point both sites to
the same IP address in DNS and then use host headers on IIS to
distinguish between them?

Chris.

If this is a routing issue, then please explain how I would do the
following:

First NIC1 is connected to router 1 which in term is connected to the
internet through NAT.
Then NIC2 is connected to router 2 which is turn is connected to the
internet through NAT.

NIC1 is also connected to the internal LAN. So, Lets set the senerio and
then some can correct me where I have made mistake.

Router 1 WAN IP 187.89.210.211
Router 1 LAN IP 10.12.3.10
NIC 1 in Server IP 10.12.3.15
NIC 1 in Server Default GateWay: 10.12.3.10 (Points to Router 1)
NIC 1 DNS is arbitrary.

Router 2 WAN IP 187.89.206.110
Router 2 LAN IP 10.12.3.5
NIC 2 in Server IP 10.12.3.20
NIC 2 in Server Default GateWay: NOT set
NIC 2 DNS is arbitrary.

Router 1 Port Forward 80 to 10.12.3.10 (Server NIC 1 IP)
Router 2 Port Forward 80 to 10.12.3.20 (Server NIC 2 IP)

IIS WebSite 1 uses NIC1 IP
IIS WebSite 2 uses NIC2 IP

Also, Terminal server in router 1 points to NIC 2 (I.E. Port Forward 3389 to
10.12.3.20)

At this point, I have done nothing more. I can access WebSite 1 through NIC
1.
But I can't access WebSite 2 through NIC 2. Also, I can't access terminal
server through NIC 2.
This is from the WAN interface only.

Now, I can access the WebSite 2 and terminal server from a computer inside
of the routers.

So the question is, how can I make this work? I want to IP address on the
WAN which points to different things. However the resources are all on the
same server. I.E. Web FTP POP and terminal. I know that this is a bad
idea, but don't have money to purchase seperate servers.

How can I do this with static routes. Do I route all requests for
10.12.3.15 through interface 1 (NIC1), and also route all 10.12.3.20
requests through interface 2 (NIC2)?
Something linke route add 10.12.3.15 mask 255.255.255.255 IF 1
and 10.12.3.20 mask 255.255.255.255 IF 2.

Or do I have this completely wrong?



"Chris M" <(E-Mail Removed)> wrote in message
news:gbaqc5$1np$(E-Mail Removed)...
> James Williams wrote:
>> I am hoping that there is a solution to this question. I have two
>> routers. Each router has an WAN address that I want to point to my web
>> server. On my webserver, I have two NIC cards 1 for reach website and
>> WAN router.
>>
>> Router 1 points to NIC one and uses port forwarding to forward it to the
>> webserver. IIS is configured for website one to use NIC one. Router 2
>> points to NIC 2 and uses port forwarding on port 80 to the same
>> webserver. Again IIS is configured for another website using NIC 2.
>>
>> Now, the problem. I can access website one just fine because my default
>> gateway points back to router one, however I can access website 2 through
>> NIC, router 2 at all. But if I change the default gateway of NIC one, to
>> the router 2, then I can access website 2 through NIC 2, router 2. But
>> then I can no longer access website one through NIC.
>>
>> Now, if IIS is suppose to be able to work with multiple NICS and multiple
>> Sites, why can't I get it to work. I tried to set a default gateway on
>> each NIC card but that didn't work either.
>
>
> That's an IP routing issue, it's nothing to do with IIS or Windows or the
> number of NICs. You'd have the same problem using Apache on Linux, for
> example.
>
> Why do you need the traffic for each site coming through a specific
> router? Why not just have one router, one NIC and point both sites to the
> same IP address in DNS and then use host headers on IIS to distinguish
> between them?
>
> Chris.

The basic problem is that you can only have one default gateway setting
per machine, not one per interface. If you configure two, Windows will
ignore one of them. It will only switch to the second dg if the first one
fails (and even then only if certain conditions are met). And it won't
automatically switch back when the first gateway becomes available.

That is why your proposed scheme will not work.

"James Williams" <(E-Mail Removed)> wrote in message
news:#(E-Mail Removed)...
> If this is a routing issue, then please explain how I would do the
> following:
>
> First NIC1 is connected to router 1 which in term is connected to the
> internet through NAT.
> Then NIC2 is connected to router 2 which is turn is connected to the
> internet through NAT.
>
> NIC1 is also connected to the internal LAN. So, Lets set the senerio and
> then some can correct me where I have made mistake.
>
> Router 1 WAN IP 187.89.210.211
> Router 1 LAN IP 10.12.3.10
> NIC 1 in Server IP 10.12.3.15
> NIC 1 in Server Default GateWay: 10.12.3.10 (Points to Router 1)
> NIC 1 DNS is arbitrary.
>
> Router 2 WAN IP 187.89.206.110
> Router 2 LAN IP 10.12.3.5
> NIC 2 in Server IP 10.12.3.20
> NIC 2 in Server Default GateWay: NOT set
> NIC 2 DNS is arbitrary.
>
> Router 1 Port Forward 80 to 10.12.3.10 (Server NIC 1 IP)
> Router 2 Port Forward 80 to 10.12.3.20 (Server NIC 2 IP)
>
> IIS WebSite 1 uses NIC1 IP
> IIS WebSite 2 uses NIC2 IP
>
> Also, Terminal server in router 1 points to NIC 2 (I.E. Port Forward 3389
> to 10.12.3.20)
>
> At this point, I have done nothing more. I can access WebSite 1 through
> NIC 1.
> But I can't access WebSite 2 through NIC 2. Also, I can't access terminal
> server through NIC 2.
> This is from the WAN interface only.
>
> Now, I can access the WebSite 2 and terminal server from a computer inside
> of the routers.
>
> So the question is, how can I make this work? I want to IP address on the
> WAN which points to different things. However the resources are all on
> the same server. I.E. Web FTP POP and terminal. I know that this is a
> bad idea, but don't have money to purchase seperate servers.
>
> How can I do this with static routes. Do I route all requests for
> 10.12.3.15 through interface 1 (NIC1), and also route all 10.12.3.20
> requests through interface 2 (NIC2)?
> Something linke route add 10.12.3.15 mask 255.255.255.255 IF 1
> and 10.12.3.20 mask 255.255.255.255 IF 2.
>
> Or do I have this completely wrong?
>
>
>
> "Chris M" <(E-Mail Removed)> wrote in message
> news:gbaqc5$1np$(E-Mail Removed)...
>> James Williams wrote:
>>> I am hoping that there is a solution to this question. I have two
>>> routers. Each router has an WAN address that I want to point to my web
>>> server. On my webserver, I have two NIC cards 1 for reach website and
>>> WAN router.
>>>
>>> Router 1 points to NIC one and uses port forwarding to forward it to the
>>> webserver. IIS is configured for website one to use NIC one. Router 2
>>> points to NIC 2 and uses port forwarding on port 80 to the same
>>> webserver. Again IIS is configured for another website using NIC 2.
>>>
>>> Now, the problem. I can access website one just fine because my default
>>> gateway points back to router one, however I can access website 2
>>> through NIC, router 2 at all. But if I change the default gateway of
>>> NIC one, to the router 2, then I can access website 2 through NIC 2,
>>> router 2. But then I can no longer access website one through NIC.
>>>
>>> Now, if IIS is suppose to be able to work with multiple NICS and
>>> multiple Sites, why can't I get it to work. I tried to set a default
>>> gateway on each NIC card but that didn't work either.
>>
>>
>> That's an IP routing issue, it's nothing to do with IIS or Windows or the
>> number of NICs. You'd have the same problem using Apache on Linux, for
>> example.
>>
>> Why do you need the traffic for each site coming through a specific
>> router? Why not just have one router, one NIC and point both sites to the
>> same IP address in DNS and then use host headers on IIS to distinguish
>> between them?
>>
>> Chris.
>
>

If that is the case, then what is the purpose of IIS having support for
multiple NICS?
I mean if a port 80 request comes in through WAN IP which is attached to NIC
A, then it must use the gateway for that WAN.

I just don't see how IIS could ever support this unless the users of the Web
sites sit inside of the local LAN, which does work by the way, but is
pointless. Or the server would have to sit on the WAN side, which is very
bad and unsecure, hence the need for NAT and firewalls.

Thanks

"Bill Grant" <not.available@online> wrote in message
news:ObN$(E-Mail Removed)...
> The basic problem is that you can only have one default gateway setting
> per machine, not one per interface. If you configure two, Windows will
> ignore one of them. It will only switch to the second dg if the first one
> fails (and even then only if certain conditions are met). And it won't
> automatically switch back when the first gateway becomes available.
>
> That is why your proposed scheme will not work.
>
> "James Williams" <(E-Mail Removed)> wrote in message
> news:#(E-Mail Removed)...
>> If this is a routing issue, then please explain how I would do the
>> following:
>>
>> First NIC1 is connected to router 1 which in term is connected to the
>> internet through NAT.
>> Then NIC2 is connected to router 2 which is turn is connected to the
>> internet through NAT.
>>
>> NIC1 is also connected to the internal LAN. So, Lets set the senerio and
>> then some can correct me where I have made mistake.
>>
>> Router 1 WAN IP 187.89.210.211
>> Router 1 LAN IP 10.12.3.10
>> NIC 1 in Server IP 10.12.3.15
>> NIC 1 in Server Default GateWay: 10.12.3.10 (Points to Router 1)
>> NIC 1 DNS is arbitrary.
>>
>> Router 2 WAN IP 187.89.206.110
>> Router 2 LAN IP 10.12.3.5
>> NIC 2 in Server IP 10.12.3.20
>> NIC 2 in Server Default GateWay: NOT set
>> NIC 2 DNS is arbitrary.
>>
>> Router 1 Port Forward 80 to 10.12.3.10 (Server NIC 1 IP)
>> Router 2 Port Forward 80 to 10.12.3.20 (Server NIC 2 IP)
>>
>> IIS WebSite 1 uses NIC1 IP
>> IIS WebSite 2 uses NIC2 IP
>>
>> Also, Terminal server in router 1 points to NIC 2 (I.E. Port Forward 3389
>> to 10.12.3.20)
>>
>> At this point, I have done nothing more. I can access WebSite 1 through
>> NIC 1.
>> But I can't access WebSite 2 through NIC 2. Also, I can't access
>> terminal server through NIC 2.
>> This is from the WAN interface only.
>>
>> Now, I can access the WebSite 2 and terminal server from a computer
>> inside of the routers.
>>
>> So the question is, how can I make this work? I want to IP address on
>> the WAN which points to different things. However the resources are all
>> on the same server. I.E. Web FTP POP and terminal. I know that this is
>> a bad idea, but don't have money to purchase seperate servers.
>>
>> How can I do this with static routes. Do I route all requests for
>> 10.12.3.15 through interface 1 (NIC1), and also route all 10.12.3.20
>> requests through interface 2 (NIC2)?
>> Something linke route add 10.12.3.15 mask 255.255.255.255 IF 1
>> and 10.12.3.20 mask 255.255.255.255 IF 2.
>>
>> Or do I have this completely wrong?
>>
>>
>>
>> "Chris M" <(E-Mail Removed)> wrote in message
>> news:gbaqc5$1np$(E-Mail Removed)...
>>> James Williams wrote:
>>>> I am hoping that there is a solution to this question. I have two
>>>> routers. Each router has an WAN address that I want to point to my web
>>>> server. On my webserver, I have two NIC cards 1 for reach website and
>>>> WAN router.
>>>>
>>>> Router 1 points to NIC one and uses port forwarding to forward it to
>>>> the webserver. IIS is configured for website one to use NIC one.
>>>> Router 2 points to NIC 2 and uses port forwarding on port 80 to the
>>>> same webserver. Again IIS is configured for another website using NIC
>>>> 2.
>>>>
>>>> Now, the problem. I can access website one just fine because my
>>>> default gateway points back to router one, however I can access website
>>>> 2 through NIC, router 2 at all. But if I change the default gateway of
>>>> NIC one, to the router 2, then I can access website 2 through NIC 2,
>>>> router 2. But then I can no longer access website one through NIC.
>>>>
>>>> Now, if IIS is suppose to be able to work with multiple NICS and
>>>> multiple Sites, why can't I get it to work. I tried to set a default
>>>> gateway on each NIC card but that didn't work either.
>>>
>>>
>>> That's an IP routing issue, it's nothing to do with IIS or Windows or
>>> the number of NICs. You'd have the same problem using Apache on Linux,
>>> for example.
>>>
>>> Why do you need the traffic for each site coming through a specific
>>> router? Why not just have one router, one NIC and point both sites to
>>> the same IP address in DNS and then use host headers on IIS to
>>> distinguish between them?
>>>
>>> Chris.
>>
>>

James Williams wrote:
> If that is the case, then what is the purpose of IIS having support for
> multiple NICS?
> I mean if a port 80 request comes in through WAN IP which is attached to NIC
> A, then it must use the gateway for that WAN.
>
> I just don't see how IIS could ever support this unless the users of the Web
> sites sit inside of the local LAN, which does work by the way, but is
> pointless. Or the server would have to sit on the WAN side, which is very
> bad and unsecure, hence the need for NAT and firewalls.

Remember, this isn't a limitation of IIS. Any other network service
would have the same issue.

The problem is NOT that you have two NICs, connected to two routers. The
problem is that the 'other side' of the two routers are connected to the
SAME network (i.e. the Internet).

To give an example of a situation where you could use two NICs, imagine
that you've got a webserver that sits in your network DMZ.

One NIC (the external facing NIC) would be connected to your perimeter
router and would respond to requests from the Internet. The other NIC
would be connected to your internal gateway/firewall and would respond
to requests from your internal network.

The NIC on the internal side would not need a default gateway since it
will only ever need to respond to requests from that subnet (if a NIC
needs to respond to a request on its own subnet, it doesn't need to send
it to the default gateway).

--
Chris.

> James Williams wrote:
>> If that is the case, then what is the purpose of IIS having support for
>> multiple NICS?
>> I mean if a port 80 request comes in through WAN IP which is attached to
>> NIC A, then it must use the gateway for that WAN.

To expand on what Chris said, It isn't even about supporting multiple
Nics,...IIS wouldn't know a nic if it tripped over one. It supports
multiple *IP#s*,...that is a big difference. It doesn't matter how many Nics
are involved, although you should be following proper networking practices
with the Nic & IP arrangment.

When IIS responds back to an incomming connection all that happens is that
the packets are addressed to the proper Destination Address,...and
then,...they are just *blindly* dropped on the networking componenets of the
OS. How the packets get from point "a" to point "b" and what path they take
are entirely dependent on the OS's networking components and the normal
natural way that TCP/IP operates as an industry standard.

How does that happen? It is fairly simple, the Destination Address is
compared to the OS's Routing Table and a Route is chosen, and an Interface
is chosen from the particular route. The packet is then "dropped on the
wire" of the chosen Interface and is directed to the specified Gateway of
that particular route. It has nothing to do with websites, IIS, other nics,
or what path the original incomming communication happened on.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------