Port forward to 3 internal pi servers on same outside IP

zmox

Thread Starter
Joined
Jan 13, 2021
Messages
9
Hello and Thanks in advance.

I have 3 Raspberry Pi set up on my network. 192.168.178.30, 192.168.178.40 and 192.168.178.50. I have the first one connected to the internet with port 443 and 80 and 8080 and 22 etc. But now I want to connect the others to the same ports. I know that cant be done easily. But could someone tell me how I can do it. I have a Fritz Router.
I suppose I need to make up some other ports?? Please help. Thanks.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,576
You can't. The only ways to do it are:

1) You get a block of static public IP addresses from your ISP. You'll use one static public IP per Raspberry Pi.
2) You register a number of domain names and use a proxy that knows how to map incoming requests based on domain name to the corresponding internal Raspberry Pi.
3) Change the port numbers for each subsequent Raspberry Pi where the next one will have 8443, etc.
 

zmox

Thread Starter
Joined
Jan 13, 2021
Messages
9
Thank you for your reply. I do know it is possible to do because my neighbor was doing it but sadly he passed away and his kids don't know how he did it. I know he didn't have multiple static IP's. Could you please explain your point 3 in more detail or tell me where I can get more information.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,576
Not to argue with you but it's impossible. I've been doing networking for a long time and it's impossible to do what you're asking about with the same port numbers being answered by your firewall to be disseminated to different internal hosts. Impossible.

When I say change port numbers, each Pi is acting as a server. They're all listening on ports that are set by services that are running on the Pi. You've identified 443, 80, and 22 which are HTTPS, HTTP, and SSH. There's nothing prohibiting you from changing those port numbers for which the Pi will answer.

So for Pi #1, you'll have ports: 443, 80, and 22
For Pi #2, you'll have ports: 8443, 8080, and 8022
For Pi #3, you'll have ports: 9443, 9080, and 9022
etc.

So you'll set your port forward rules to send the corresponding ports listed to the specific internal IP for the corresponding Pi.

I'm willing to bet money your neighbor did the same as above.
 

zmox

Thread Starter
Joined
Jan 13, 2021
Messages
9
Thank you so much. That makes so much sense. Can the ports be any valid port number or is there a reason you increment them in sequence. Just asking if there is a format or convention in these things.
 

zmox

Thread Starter
Joined
Jan 13, 2021
Messages
9
Just wondering if you know about subnets. I have a really difficult/impossible query?
 

zmox

Thread Starter
Joined
Jan 13, 2021
Messages
9
Now that I think about it a bit more. If There are two Pi WEB SERVERS how can the internet access the right one if the HTTPS query looks for port 8080 on my static IP and my second server is on 9080. I'm a bit lost now...
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,576
The port number can be anything you choose. But by convention there are a set of reserved ports that you shouldn't use for other purposes over what everyone has agreed to run through those ports. Those are ports 0 through 1023. Nothing is preventing you from grabbing say port 25 to run SSH or HTTP/web traffic on it. But port 25 is what everyone uses for SMTP or email traffic.

Any port above 1023 is far game.

I chose to increment the ports in the manner I did because it makes it easy for me to remember and makes sense when you look at the port number. My use of 8080 and 9080 tells me their HTTP/web for my uses as they're function of port 80. The incrementing just makes logical sense for me to keep track of which port is assigned to which internal server. I could pick 11111 as the listening port for a webserver. But obviously it's not very descriptive if you look at it.

If you use those different port numbers for your web server on the various Pi's you have, the user has to make a change as to how they enter the URL. Instead of entering www.yourwebpage.com to get to say Pi #2's web server, the user would have to enter http://www.yourwebpage.com:8080. This will tell the web browser to initiate a web session on port 8080 instead of the default port 80. Same applies for HTTPS. The user would have to enter: https://www.yourwebpage.com:8443.
 

zmox

Thread Starter
Joined
Jan 13, 2021
Messages
9
Thank you. You said " This will tell the web browser to initiate a web session on port 8080 instead of the default port 80. Same applies for HTTPS. The user would have to enter: https://www.yourwebpage.com:8443. " But how would a random user know that have to type https://www.yourwebpage.com:8443 instead of https://www.yourwebpage.com? I think I don't understand something fundamental. Is there something in the pointer of the domain server perhaps that I can change to make that URL address my 2nd server or 3rd server through port 8081 or 8082? I hope my question even makes sense.
 

Couriant

James
Moderator
Joined
Mar 26, 2002
Messages
38,829
Thank you. You said " This will tell the web browser to initiate a web session on port 8080 instead of the default port 80. Same applies for HTTPS. The user would have to enter: https://www.yourwebpage.com:8443. " But how would a random user know that have to type https://www.yourwebpage.com:8443 instead of https://www.yourwebpage.com? I think I don't understand something fundamental. Is there something in the pointer of the domain server perhaps that I can change to make that URL address my 2nd server or 3rd server through port 8081 or 8082? I hope my question even makes sense.
I would believe you will need to tell your user to enter that. I don't think it can be done any other way.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,576
James is 100% correct.

What exactly are you trying to do? If you are looking to host a bunch of websites on your residential service, you have to check to see if your ISP is going to allow inbound HTTP connections particularly on port 80. Many ISPs have blocked this due to the Code Red WORM that plagued a bunch of servers running IIS quite a few years ago.

As I said, the only way to do what you are looking to do and make it seamless for the user is to register different domains and then have a proxy or front up a web server. I had a work project which had a single public IP but we had to host a bunch of different websites off of that single IP. We ended up building a Linux web server which was able to serve up the appropriate web page based on the inbound domain name. All of the domains would be registered to the same public IP.
 

zmox

Thread Starter
Joined
Jan 13, 2021
Messages
9
Thank you all so much. That's so helpful.
I have different domains registered. I would like to implement a simple version of what James has done
" We ended up building a Linux web server which was able to serve up the appropriate web page based on the inbound domain name. All of the domains would be registered to the same public IP. "
Plese explain how I can use "and make it seamless for the user is to register different domains and then have a proxy or front up a web server. "
I have two identical pi web servers I have two domains registered, I have one static public IP, how do I use a "proxy" to feed the page to the right server.?
 

Couriant

James
Moderator
Joined
Mar 26, 2002
Messages
38,829
If you have more than 1 Public Static IP, then your ISP should have provided a modem that would have this configuration. At least that was how we were doing it when I worked for an ISP.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,576
This is getting more involved than the intent of this forum where we can provide help for areas you may be stuck on. But we're not going to walk you through something like this step for step. You also have to do some work on your own and research to figure this out. This is an article on how to do it with Windows Server IIS:

https://support.simpledns.plus/kb/a...-7_0-windows-vista-server-2008-and-later.aspx

The work project I discussed above was done with Linux using the same principles discussed in the above article.

What I've posted in this reply should give you the head start you need to get this project working. Any gaps in your knowledge you should be able to do some online searching to fill them in.
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top