Re: 1 Public IP Many Servers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




I just want to revisit this on-list again. Yehuda has help tremendously, thank you Yehuda. I have the front end server set for proxy(reverse) in the httpd file:
<VirtualHost ifolder.teknerds.net:443>
ServerName ifolder.electrichendrix.com
ProxyPass /ifolder https://192.168.123.4/ifolder
ProxyPassReverse /ifolder https://192.168.123.4/ifolder
</VirtualHost>

I have the modules loaded in loadmodule.conf:
LoadModule proxy_module                   /usr/lib/apache2-prefork/mod_proxy.so
LoadModule proxy_http_module              /usr/lib/apache2-prefork/mod_proxy_http.so

Vhost-ssl.conf has this entry:
<VirtualHost _default_:443>

	#  General setup for the virtual host
	DocumentRoot "/srv/www/htdocs"
	#ServerName www.example.com:443
	#ServerAdmin webmaster@xxxxxxxxxxx
	ProxyPass /ifolder https://192.168.123.4
	ProxyPassReverse /ifolder https://192.168.123.4

Here are the logs on the front end server:
[Mon Feb 20 21:36:22 2012] [warn] proxy: No protocol handler was valid for the URL /ifolder. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

Here are the logs from the backend server:
There aren't any for this request.

SSLProxyEngine is set to on on the backend server.
What we get when we access the frontend server is Access forbidden.
You don't have permission to access the requested object. It is either read-protected or not readable by the server.
Error 403

Can anybody offer any assistance?

On Sat, Feb 18, 2012 at 4:40 PM, Chris Arnold < carnold@xxxxxxxxxxxxxxxxxxx > wrote: 


Apache2.2.3 on SLES10. I was hoping my firewall (sonicwall tz180w enhanced software) would do this but it looks like it might not. We have 4 servers with private ip's and our firewall has 1 public ip. These servers run different services like mail, web and the other things. We are looking at another service (ticketing system) that can not run on but port 80. Port 80 is on the a different server. I need to know if apache is able to see an dns address and forward to the correct server. Example: 
http://cloudservice.domain.com on port 80 and http://mailservice.domain.com on port 80 (these are different servers with private ip's). Can apache see the xxx:// cloudservice.xx.com and forward to the correct server versus xxx:// mailservice.xxx.com . 
I hope what i need is clear as i am having a hard time describing it. Basically, i need same port to go to different servers based on the dns address from the outside (public ip). 



You could set up a single instance of Apache that acts as a reverse proxy to the other servers. 
For example: 

<VirtualHost cloudservice.example.com:80 > 
ServerName cloudservice.example.com 

ProxyPass / http://192.168.1.10/ 
ProxyPassReverse / http://192.168.1.10/ 
</VirtualHost> 


<VirtualHost mailservice.example.com:80 > 
ServerName mailservice.example.com 

ProxyPass / http://192.168.1.11/ 
ProxyPassReverse / http://192.168.1.11/ 
</VirtualHost> 

Note that I did not test these configs, this is just a sample. You will probably want some kind of security (SSL, maybe using SNI if you do not have clients using IE or Chrome on Windows XP.) 
http://httpd.apache.org/docs/2.0/mod/mod_proxy.html# 

Thanks for the reply. Should I be able to add the above directive to my vhost.conf file or do I need to install and config mod_proxy? I looked in yast->software management and do not see a mod_proxy. Best I can remember, you have to install the mod_*. 

mod_proxy is included in the default installation of HTTPD, I don't think openSUSE would have removed it, so there is no separate package to install. 
You should be able to copy those into vhost.conf, but as I said, I have not tested them. 
If you try it and have further questions, just post back here. 
Yea, I found mod_proxy.so. So I made the entry into vhost.conf but it still goes to the wrong server. That which I am trying to forward is ifolder from the Novell install disc (not the OSS). Do you use sles 11 and ifolder? If I remember right, the ifolder piece has its own small apache instance? If you would like the web address to see what I am talking about, email me off-list. 

I hate to take these discussions off-list, but I understand that you do not want your information out there. I can look at your particular situation and post a generic reply to the list with any parts that are specific to you removed. 


- Y 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Photo]     [Yosemite Photos]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]


Add to Google Powered by Linux