Windows

General discussion

Locked

IIS5 Answering on Multple NICs

By Joseph Moore ·
Machine: Win2KServer, SP3, with all recent patches, running on IBM Netfinity 5000.

IIS is installed and running (only FTP and WWW installed and configured). FTP is fine. WWW is the problem

The server has 2 NICs in it, both with different IP addresses (for the sake of argument, let's say NIC#1 is 10.0.0.1 and NIC#2 is 10.0.0.2).
IIS WWW is "bound" to 10.0.0.1, port 80 only. For a screen snapshot of this window, go here:
http://www.horrorseek.com/horror/leeringclown/techrepublic/iis1.gif
(please remove any spaces)
(Yes, agan that is not the correct internal IP address; I am using a valid 10.x.x.x address)
The Advanced button reveals the same info. Go here for another screen snapshot:
http://www.horrorseek.com/horror/leeringclown/techrepublic/iis2.gif
(again, remove any spaces)

The problem is that IIS is answering all WWW requests on port 80 for BOTH IP addresses, not just the single one it is configured to use. I have verified this by using SamSpade and NetBrute, 2 tools that can expose the web server packet info. Both tools give me this info back from both IP addresses:

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Content-Location: http://10.254.253.230/Default.htm
Date: Mon, 07 Oct 2002 21:39:10 GMT
Content-Type: text/html

As you can see, IIS answered. Now, I need to have IIS stop answering on the 2nd NIC (10.0.0.2) for port 80, so I can install Lotus Domino and have IT answer on NIC2 port 80. But, we are not there yet.

Also, when you use a web browser to go to http://10.0.0.1 you get the default home page on my web site, as I would expect. On http://10.0.0.2 you get a message reading "No web site is configured at this address."

I have gone into the Properties for the IIS server itself, and Edited the Master Properties. You cannot set the IP address there. I thought you could, but guess not.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

IIS5 Answering on Multple NICs

by CG IT In reply to IIS5 Answering on Multple ...

Actually, port numbers are the actual communication connector. You may have two NIC's but if both listen on port 80, [default http ]both will respond. There is something about your problem I remember from Internet Security and Acceleration Server training. I'll try to find it and post it, but it does have to do with port assignment conflicts.[conflicts are not quite the word for it but for lack of a better term conflicts].

Collapse -

IIS5 Answering on Multple NICs

by CG IT In reply to IIS5 Answering on Multple ...

humm, To restate your question, you have two web sites working in tandem with each other to supply Web content. Both are using different external connectors [ two different NIC cards] two different IP addresses but use the same port number. When someone enters the URL for the main site, both web sites respond to the main URL query. You problem is that you have to have only the main site answer the the main URL query and have the second site supply additional content, if & when needed. A redirect? to the second site? via a pointer?. OR subdomain from the root domain?

Collapse -

IIS5 Answering on Multple NICs

by CG IT In reply to IIS5 Answering on Multple ...

Ok...try changing the port number just to see. Change the one you don't want to answer to port 4330 and leave the one you want to answer at port 80.Then run a test. That's step 1. If that works [the second site now does not respond to the query] Step 2 would be to configure a trigger on the main site to the second site [a redirect].

Collapse -

IIS5 Answering on Multple NICs

by CG IT In reply to IIS5 Answering on Multple ...

I have question, why two NICS as external connectors? Do you have two FQDN you wish to keep seperate? [if not just use subdomains]or do you want to bounce back and forth between the two?

Collapse -

IIS5 Answering on Multple NICs

by Joseph Moore In reply to IIS5 Answering on Multple ...

DR, again thanks for your thoughts.
Yes, both NICs are going to have static IPs assigned to them. The first NIC will have the main static IP. The other NIC will have the 2nd static IP assigned to it. I want IIS to answer ONLY on NIC1 IP address, and then Domino to answer only on NIC2 IP address.
The main web site will have a frame in it, that calls the FQDN that is registered to the 2nd static IP.
But as of now, IIS is answering on both IP addresses, and I can't get it to stop! I really thought that specifying the IP address in the properties of the web site would do that, but I was incorrect. :-(
This was tested somewhat on another machine, using IIS having 2 different web sites on 2 different IP addresses, with web site 1 being on port 80, and web site 2 on port 81. And yes, that worked just fine.
The problem is, keeping Domino on port 81 will cause a problem when a customer has outbound packet filtering enabled. If the customer does NOT allow outbound port 81 requests, then they are not able to get the 2nd web server content. We tested this and found this out by accident.
I thought I could get IIS to only answer on the first IP address, and then we would get Domino to answer on only the 2nd, but that is not the case.
Gotta STOP IIS from listening on the 2nd IP, port 80.
Any other ideas?

Collapse -

IIS5 Answering on Multple NICs

by LordInfidel In reply to IIS5 Answering on Multple ...

This may help you a little bit....

You are confusing the word bound thinking that if the site is configured to one IP/Adapter that the OS will respond from the same adapter.

It really does not care.... It will choose any adpater that it can go out on.

Now it is even more confused becasue both adapters are on the same subnet. It does not see a difference.

This is actually a real problem that for those of us who do server farms with alot of different sites run into.

So how do youget it corrected.

First you take out the 2nd nic, so there is only 1 nic.

Second, create a master IP for the nic. Since you are using the 10. lets say 10.0.0.1 is the IP for the nic.

Next, bind more IP's to the nic. Let's say 10.0.0.10,11,12,13 etc

Now in IIS, You can assign your sites address' without host headers a different IP for each site.

Very important, each site must have a different IP if you are not using host headers. The second you assign 2 sites the same IP, they Must use host headers.

Your not crazy, this is by design.

Collapse -

IIS5 Answering on Multple NICs

by Joseph Moore In reply to IIS5 Answering on Multple ...

You're kidding, right???
I really don't want to bind both IPs to the same NIC.

Man.........
:::the sounds of a disgusted IT tech can be heard:::

Ok, I'll try that Wednesday afternoon, and let you know, but what you suggest does feel right. Ihave ran IIS on a machine with multiple IPs bound to a single NIC, and I was able to get IIS to only answer on 1 of the IPs with web site X, while web site Y only answered on a different IP.
I can't believe IIS is gonna monopolize the connections, since I have muliple NICs!
Not what I wanted to hear, but if it will work, then such is life!

Collapse -

IIS5 Answering on Multple NICs

by Joseph Moore In reply to IIS5 Answering on Multple ...

Will DR and Lordinfidel both please post a Hi message to this, something that I will keep open when I assign the points? I think between the two of you, I have the correct direction to travel.
I just can't try it until Wednesday evening.
Cross your fingers!

Collapse -

IIS5 Answering on Multple NICs

by CG IT In reply to IIS5 Answering on Multple ...

Well...I think Lordinfidel has an answer for you but that seems like virtual server on IIS for multiple domain name sites using one IP address and having host header names for query redirection to the apporpriate server. But you want an interaction between each site [re your sites working in tandem with each other one supplying content to another and vice versa]. I'm not sure that is possible with IIS in the manner in which you want it to. You can use redirects or mirrors or threads between thetwo or you might want to think about a custom program.

Collapse -

IIS5 Answering on Multple NICs

by CG IT In reply to IIS5 Answering on Multple ...

I'm gonna send you to someone I know in Canada who does Web sites and is pretty good at it. His email is michaelnferguson@hotmail.com. He does the SEALZ Gaming Community web site [which I'm a member of the SEALZ] and also has others he might be ableto put you in contact with. You can check out our web site at www.dasmerg.net and can contact him there also. Tell him SEALZ M recommended that you get in contact with him. SEALZ Broken is also a webmaster and there is SEALZ Nontoxic who works magic with networks. Our guys are alway willing to help out and if your a gamer, join us!

Related Discussions

Related Forums