Forwarding port 80 traffic to multiple Web servers behind the firewall

I want to set up two web servers behind my firewall, both accessible from Internet browser clients using the normal port 80 and the URL. For example server1 www.abc.com and server2 www.def.com.

I'm not an expert, but I think I understand how to use IPTABLEs to do a port forward. But what I don't know (or haven't found) is how to selectively do a forward based on the requested web server URL.

Assume the two servers are on the private IP addresses 10.0.0.100 and 10.0.0.110, respectively and my firewall router is on a public address 1.2.3.4. What I want is for port 80 traffic with URL www.abc.com to go to address 10.0.0.100 as port 80 and likewise for port 80 traffic with URL www.def.com to go to 10.0.0.110.

I suppose I could have the two servers listening on different ports if that is required, ie 9000 and 9100, instead of 80.

Can someone offer some ideas? Thanks

This cannot be done with IPTables. This is because the destination server is included in the HTTP request header field.

The first part of TCP connection is handshake, which sets up the connection between client and server. At this point, there is no information about the host name available. The HTTP request header field becomes after handshake.

Since IPTables simply forwards IP packets, it cannot forward the TCP handshake packets to correct destination.

You need to set up a reverse proxy, like HAProxy, nginx or Apache on the firewall machine.