I am working on a startup and trying to keep my expenses low. I'm hosting four servers in my closet with a single static IP address. I want to be able to reach each server over ports 80 (HTTP), 443 (HTTPS) and 22 (SSH).
I've set up my router to forward similar public ports (8001,8002,8003,2201,2202,2203,44301,44302,44303, etc.) to the standard ports on the respective servers' LAN IPs.
My goal is to set up subdomains that reach the individual servers. I'm trying to use SRV records in DNS to point traffic for the various services to their unique port numbers on my static IP, then let the router send that traffic to the standard port numbers on the LAN IP for the respective servers.
I've tried to set up an SRV record for SSH to test this out, but I can't connect, and SSH says connection refused on port 22.
I have also set up an A record for subdomain.example.com to point to my static IP address.
What am I doing wrong? Is this the wrong approach?
Here is dig output (names changed to protect the innocent)
me@andrew-linux-laptop:~$ dig any _ssh._tcp.subdomain.example.com
; <<>> DiG 9.9.5-3-Ubuntu <<>> any _ssh._tcp.subdomain.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51567
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;_ssh._tcp.subdomain.example.com. IN ANY
;; ANSWER SECTION:
_ssh._tcp.subdomain.example.com. 300 IN SRV 0 5 2202 subdomain.example.com.
;; Query time: 73 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Sat Jan 24 22:44:42 EST 2015
;; MSG SIZE rcvd: 82
Best Answer
You need clients that actually use SRV records as well and SSH for one does not...
Very few common applications/protocols actually do.
To have SSH connect to a non-standard port you have to explicitly specify that port on the command line or in a configuration file. For instance