Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




I iz your trusted friend
5811 posts

Uber Geek
+1 received by user: 140

Mod Emeritus
Trusted
Lifetime subscriber

Topic # 15484 25-Aug-2007 01:03
Send private message

I need help from Linux guru who have the knowledge on how to make/configure a Reverse Proxy.

Scenario:

I have 2 webservers behind the H/W router. The 2 webservers are on different IP addresses, on different machines. Both need 80 and 443 to themselves. Which is where the conflict starts. I cannot configure one or the other machine to use different ports. Also, the H/W router will answer only-one-WAN IP and with ports and forward to the internal IP where a webserver has.

What I like to achieve or hope to see to make it happen is:

If I type in http://mydomain/server1 it should go to Web Server 1 at port 80 of the internal IP1. Same if http://mydomain/server2 to go to Web Server 2 at port 80 of internal IP2. And https://mydomain:443/folder, should point to Web Server 1/folder at port 443 of internal IP1.

OR

http://server1.mydomain/ -> WebServer 1: port 80
http://server2.mydomain/ -> WebServer 2: port 80
https://server1.mydomain/folder/ -> WebServer 1/folder/: port 443
https://server2.mydomain/folder/ -> WebServer 2/folder/: port 443


Can this be achieve from using Reverse Proxy? The SSL must be carried through to the backend webservers if possible. And the SSL cert will be a self-sign cert, and is of "mydomain".

I read that this is possible using SharePoint and ISA, configuring with Reverse Proxy and SSL Bridging.


Reason behind:

I need the use of SBS2003 for running Exchange 2003, and OWA 2003 (which are on HTTPS), while Windows Home Server with Remote Workspace (for accessing personal documents from web/remote) which is on HTTPS.




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 


Create new topic
486 posts

Ultimate Geek
+1 received by user: 6


  Reply # 83739 25-Aug-2007 09:23
Send private message

I'm confused where is the linux box that you speak of, are you running a linux hw router or are you thinking of running another box as a reverse proxy?

Apache can definitely do what you want with port 80 - either with domain1.mydomain.... or domain2.mydomain....

As for the ssl I think only the mydomiain/folder1 and mydomain/folder2 option will work




pɐǝɥ sıɥ uo ƃuıpuɐʇs

643 posts

Ultimate Geek


  Reply # 83778 25-Aug-2007 16:29

As Filterer noted, Apache has many VIrtual Server features, including SSL virtual servers. but you already have web servers so HTTP load-balancing software would be one solution.

Having globally routable address for server server1.mydomain and server2.mydomain would be the best way to solve the problem IMHO. If you used IPv6 you wouldn't have this problem because every node on your LAN can be globally routable, but back on topic.

So the content just on seperate machines?

Eddie -GPL software developed by Ericcson features an HTTP load balancer (proxy if you like) you can use regular expressions on HTTP headers to proxy an HTTP session to another host.

Squid - this can do it and is very fast but configuration is not easy for Internet facing load-balance proxy scenario. Wikipedia use squid for their load balancing FYI.

Pound - designed for exactly this scenario. Pound might be the best solution, it doesn't have all the extra features the others do and just does what you want.

If you need any help setting up this stuff I'd be glad to help.
-barf




Sniffing the glue holding the Internet together

 
 
 
 




I iz your trusted friend
5811 posts

Uber Geek
+1 received by user: 140

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 83832 26-Aug-2007 09:11
Send private message

barf: If you need any help setting up this stuff I'd be glad to help.


thanks Barf. I was hoping you may be interested helping. I'll pm you with more details later. Thanks guys.




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.