Multi-Homing on the Web

The prevalence of the Internet in business today raises many issues thatwere unheard of a couple of years ago. One such issue is multi-homing, orsetting up and maintaining virtual servers on an NT Web server. Fororganizations that provide Web services to others, multi-homing is a way toconfigure one NT server to support several IP addresses and Internet domainnames (for more on IP addresses, see Mark Minasi, "How to Set up IP,"February 1996; "NT Workstations Using an IP Router," May 1996; an "UnlockYour Gateway to the Internet," June 1996). In this article, we willdescribe what you can do with multi-homing, identify what you need formulti-homing on an NT Web server, specify how you add multi-homing, and providetips for planning a multi-homing implementation.

What You Can Do
With multi-homing, you can house severalorganizations' Web sites on one NT server and let each organization maintain itsidentity. To the world, one NT Web server appears as multiple Web servers, eachwith its own domain name. For example, Company A appears as www.companya.com andCompany B appears as www.companyb.com, although both share one Web server. Thismethod provides a cost-efficient way to connect several organizations to theWeb: You purchase one computer, one NT Server license, and one Web serversoftware component.

Multi-homing is not the same as having virtual paths on a Web server. Withvirtual paths, every organization on the Web server shares one domain name. Forexample, Company A appears as www.abc.com/~companya and Company B appears aswww.abc.com/~companyb.

Unix Internet Service Provider (ISP) aficionados consider a Unix platformbest for multi-homing because about 50 companies can be on a standard Unix boxand Unix people think only 15 or so can be on a comparably equipped NT box.However, I know of one ISP that houses 70 virtual servers on one average NT box.

What You Need
Any time multiple organizations are on onemachine, you need sufficient RAM and hard disk. At a minimum, your NT Web servermust be a Pentium 120MHz, with 32MB of RAM and a 1GB to 2GB SCSI drive. Besidesthis hardware, for this example, you need:

The Set Up
Setting up multi-homing on your NT Web server iseasy. Just follow these steps.

Step 1­ Obtaina valid IP address for each organization on your Web server--youusually get this address from your ISP. You also need an IP address for eachorganization you add to your Web server. If an organization doesn't provide itsIP address, you can register and obtain one from InterNIC at the URL,www.internic.net or rs.internic.net.

Step 2­ Createa partition on your server and a directory for each organization, toseparate the server's system files from each organization's data files (homepages, File Transfer Protocol--FTP--files, Common GatewayInterface--CGI--scripts, etc.). Suppose you create a D drive partition. For eachorganization, you can create a subdirectory from the D drive's root. Meaningfulnames help distinguish one organization from another at a glance.

Step 3­ Installan NIC in the Web server, and if you don't have an NIC, install NT'sloopback adapter for testing. To configure an NIC or the loopback adapter, go toMain, Control Panel, Network, Add Adapter. Scroll through the list, select yourcard, and click Continue. Follow the onscreen prompts and click OK when youfinish. You have to reboot the server for these configuration changes to takeeffect.

Step 4­ Installand configure the TCP/IP protocol. Go to Main, Control Panel,Network, Add Software, and choose TCP/IP Protocol and related components. Go tothe Advanced section of the TCP/IP configuration. Add up to five IP addressesand subnet masks for each organization you plan to house. After you enter thesecond IP address, Enable IP Routing changes from gray to black--markit. For more than five IP addresses, you manually add them in the Registry (seethe sidebar, "How to Set Up Virtual Domains," on page 90). A patchfrom Microsoft lets you add up to 254 IP addresses. Your server will be limitedby its horsepower and the amount of traffic for each virtual Web server. (Notethat you install the IP address for your Web server in Step 6, not this one.)After you finish adding each organization's IP address, reboot NT.

Step 5­ Installand configure Remote Access Service (RAS) if you haven't alreadyconnected your modem to your Web server. Go to Main, Control Panel, Network, AddSoftware; choose Remote Access Service. Select the appropriate modem and COMport settings, and select Dial out and Receive calls. This setting letsyour Web server dial out to an ISP and lets each organization on your Web serverdial in to maintain its subdirectory. Select the TCP/IP protocol for dial outand the protocols you want for dial in (the protocol depends on eachorganization's needs). Reboot the server.

Step 6­ Add aPhone Book entry in RAS. When you install RAS, NT adds a new ProgramGroup, Remote Access Services (Common), to your server's desktop. Locate it, andclick the Remote Access icon. You get a message that says the phone book isempty--click OK.

You can now enter specific ISP information such as name, phone number, anddescription. Click the Network button, and mark the Point-to-Point Protocol(PPP) radio button. Under the PPP setting, mark the TCP/IP box, and click TCP/IPSettings. The PPP TCP/IP Settings dialog will open. Select Require SpecificIP Address, and enter the unique IP address for your Web server. Thisaddress identifies your Web server as a gateway to the other IP addresses youassigned to each organization.

Select Use specific name server addresses, and type in the IPaddresses of the primary and secondary Domain Name System (DNS) servers you planto use to resolve host names (for information on DNS, see Spyros Sakellariadis,"Configuring and Administering DNS," August 1996, and "Integratingand Administering DNS," page 121). Typically, these servers are at yourISP's site, but they can be on your network. Mark the box, Use defaultgateway on remote network. Find out whether your ISP supports PPPcompression and whether to mark the box, Use VJ header compression.

Step 7­ Add aparameter in the Registry on your NT Web server if this server willroute traffic among your Internet connection and other parts of your network.From any window, choose File and Run, type REGEDT32.EXE, and click OK.

This sequence invokes the Registry Editor. Find and click the keyhkey_local_machinesystemcurrentcontrolsetservicesrasarpparameters.

Choose Edit from the pulldown menu, and select Add Value. TypeDisableOtherSrcPackets, and click OK to open the DWORD editor dialog. Fill in 0,and click OK. When you finish, the value will be DisableOtherSrcPackets:REG_DWORD:0.

Step 8­ Testthe TCP/IP and RAS installation. Dial in to your ISP before you addthe Web software.

Step 9­ InstallWeb server software. Confirm that your installation is working tothis point, and look up virtual servers in the manuals for your Web serversoftware. Configure each organization's subdirectory and load all appropriatefiles, such as home pages, into each subdirectory.

Step 10­ Testall URLs on your server. Using a Web browser, try to access eachorganization's URL to see whether you can view its home page.

Step 11­ Addorganizations as users on the system. You can either let eachorganization dial in to your Web server to maintain its directory, or you canmaintain each directory. NT's security and permissions let you restrict eachorganization to seeing and editing only its directory.

To let each organization manage its directory, add each organization as auser in the User Manager and give each one rights to its subdirectory. Atminimum, let each organization read and write to its directory. Under RAS,choose an organization's user ID and give it permission to dial in to theserver.

Tips for Adding Multi-Homing
If you house several organizations' Web services, you need redundancy toeliminate single points of failure. If your server goes down, you kill businessfor those other organizations until you can repair the problem. Here are sometips to safeguard against common points of failure.