* [gentoo-server] Can Apache Proxy for a NAT'ed web-server
@ 2005-07-13 3:38 Ow Mun Heng
2005-07-13 15:32 ` Kirk Hoganson
0 siblings, 1 reply; 6+ messages in thread
From: Ow Mun Heng @ 2005-07-13 3:38 UTC (permalink / raw
To: gentoo-server
I'm sure this can be done.
I know about mod_proxy and mod_proxy_html and it's functions as a
reverse proxy. But the thing is my current understanding of these
mod_proxy is it's suitable only for servers which are in the internal
network and has names such as
www.example.com -> external IP
internalserver.example.com -> NAT IP
external -> internalserver
www.example.com/internalserver (using mod_proxy and mod_proxy_html)
what if the NAT IP'ed server has it's own DNS? say www.example2.com.
Can apache still be used to get to it? using Mod_proxy?
I'm just trying to figure out if this is a valid scenerio.
--
Ow Mun Heng
Gentoo/Linux on DELL D600 1.4Ghz 1.5GB RAM
98% Microsoft(tm) Free!!
Neuromancer 11:30:41 up 5 days, 19:27, 7 users, load average: 2.28,
1.63, 1.32
--
gentoo-server@gentoo.org mailing list
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-server] Can Apache Proxy for a NAT'ed web-server
2005-07-13 3:38 [gentoo-server] Can Apache Proxy for a NAT'ed web-server Ow Mun Heng
@ 2005-07-13 15:32 ` Kirk Hoganson
2005-07-13 16:01 ` Ow Mun Heng
0 siblings, 1 reply; 6+ messages in thread
From: Kirk Hoganson @ 2005-07-13 15:32 UTC (permalink / raw
To: gentoo-server
You could use mod_rewrite to proxy rewrite all incoming requests to the
other system. Every request that came in and matched the rewrite rule
would be redirected and proxied to the system specified in the rule.
mod_rewrite can be more than a little daunting but it could handle this
scenario.
Ow Mun Heng said the following:
> I'm sure this can be done.
>
> I know about mod_proxy and mod_proxy_html and it's functions as a
> reverse proxy. But the thing is my current understanding of these
> mod_proxy is it's suitable only for servers which are in the internal
> network and has names such as
>
> www.example.com -> external IP
> internalserver.example.com -> NAT IP
>
> external -> internalserver
> www.example.com/internalserver (using mod_proxy and mod_proxy_html)
>
> what if the NAT IP'ed server has it's own DNS? say www.example2.com.
> Can apache still be used to get to it? using Mod_proxy?
>
> I'm just trying to figure out if this is a valid scenerio.
>
--
gentoo-server@gentoo.org mailing list
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-server] Can Apache Proxy for a NAT'ed web-server
2005-07-13 15:32 ` Kirk Hoganson
@ 2005-07-13 16:01 ` Ow Mun Heng
2005-07-14 1:29 ` Michael Stewart (vericgar)
0 siblings, 1 reply; 6+ messages in thread
From: Ow Mun Heng @ 2005-07-13 16:01 UTC (permalink / raw
To: gentoo-server
On Wed, 2005-07-13 at 09:32 -0600, Kirk Hoganson wrote:
> You could use mod_rewrite to proxy rewrite all incoming requests to the
> other system. Every request that came in and matched the rewrite rule
> would be redirected and proxied to the system specified in the rule.
> mod_rewrite can be more than a little daunting but it could handle this
> scenario.
Yep.. Mod_rewrite can be used for this. Didn't think of that since I was
thinking "Proxy" only.
That being said, using mod_rewrite I can rewrite on-the-fly to the
Nat'ed address. But what if the add has a DNS entry? Say
www.example2.com and www.example1.com both has the same external IP (say
10.1.1.1)
but www.example2.com is actually a NAT'ed server inside the firewall and
behind apache? What then?
>
> Ow Mun Heng said the following:
> > I'm sure this can be done.
> >
> > I know about mod_proxy and mod_proxy_html and it's functions as a
> > reverse proxy. But the thing is my current understanding of these
> > mod_proxy is it's suitable only for servers which are in the internal
> > network and has names such as
> >
> > www.example.com -> external IP
> > internalserver.example.com -> NAT IP
> >
> > external -> internalserver
> > www.example.com/internalserver (using mod_proxy and mod_proxy_html)
> >
> > what if the NAT IP'ed server has it's own DNS? say www.example2.com.
> > Can apache still be used to get to it? using Mod_proxy?
> >
> > I'm just trying to figure out if this is a valid scenerio.
> >
--
Ow Mun Heng
Gentoo/Linux on DELL D600 1.4Ghz 1.5GB RAM
98% Microsoft(tm) Free!!
Neuromancer 00:01:58 up 11:27, 6 users, load average: 1.49, 1.23, 1.37
--
gentoo-server@gentoo.org mailing list
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-server] Can Apache Proxy for a NAT'ed web-server
2005-07-13 16:01 ` Ow Mun Heng
@ 2005-07-14 1:29 ` Michael Stewart (vericgar)
2005-07-14 2:26 ` Ow Mun Heng
0 siblings, 1 reply; 6+ messages in thread
From: Michael Stewart (vericgar) @ 2005-07-14 1:29 UTC (permalink / raw
To: gentoo-server
[-- Attachment #1: Type: text/plain, Size: 849 bytes --]
Ow Mun Heng wrote:
>
> Yep.. Mod_rewrite can be used for this. Didn't think of that since I was
> thinking "Proxy" only.
>
> That being said, using mod_rewrite I can rewrite on-the-fly to the
> Nat'ed address. But what if the add has a DNS entry? Say
>
> www.example2.com and www.example1.com both has the same external IP (say
> 10.1.1.1)
>
> but www.example2.com is actually a NAT'ed server inside the firewall and
> behind apache? What then?
>
If I am understanding you correctly, vhosts should do the trick.
www.example1.com would be set up like a normal vhost
www.example2.com would be a vhost with just proxy directives in it:
--
Michael Stewart vericgar@gentoo.org
Gentoo Developer http://dev.gentoo.org/~vericgar
GnuPG Key ID 0x08614788 available on http://pgp.mit.edu
--
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 256 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [gentoo-server] Can Apache Proxy for a NAT'ed web-server
2005-07-14 1:29 ` Michael Stewart (vericgar)
@ 2005-07-14 2:26 ` Ow Mun Heng
2005-07-14 14:42 ` kashani
0 siblings, 1 reply; 6+ messages in thread
From: Ow Mun Heng @ 2005-07-14 2:26 UTC (permalink / raw
To: gentoo-server
On Wed, 2005-07-13 at 18:29 -0700, Michael Stewart (vericgar) wrote:
> Ow Mun Heng wrote:
> >
> > Yep.. Mod_rewrite can be used for this. Didn't think of that since I was
> > thinking "Proxy" only.
> >
> > That being said, using mod_rewrite I can rewrite on-the-fly to the
> > Nat'ed address. But what if the add has a DNS entry? Say
> >
> > www.example2.com and www.example1.com both has the same external IP (say
> > 10.1.1.1)
> >
> > but www.example2.com is actually a NAT'ed server inside the firewall and
> > behind apache? What then?
> >
>
> If I am understanding you correctly, vhosts should do the trick.
>
> www.example1.com would be set up like a normal vhost
> www.example2.com would be a vhost with just proxy directives in it:
So that would be Named based Vhosts? I'm just a bit confused on how we
can direct it to the internal Box. (FWIW, it may be serving from
Mac/Win)
assuming apache:
<VirtualHost vhost.home.net>
ServerName vhost.home.net
ServerAlias www.vhost.home.net
DocumentRoot /var/www/vhost.home.net/htdocs
TransferLog /tmp/vhost-access.log
<Directory "/var/www/vhost.home.net/htdocs">
Options -Indexes -FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
how do I specify the internal example2.com (say ip 192.168.1.1)
Where does the proxy directive go to?
Thanks for the help in explaining.
>
--
Ow Mun Heng
Gentoo/Linux on DELL D600 1.4Ghz 1.5GB RAM
98% Microsoft(tm) Free!!
Neuromancer 09:43:49 up 21:09, 4 users, load average: 1.20, 1.12, 1.47
--
Ow Mun Heng
Gentoo/Linux on DELL D600 1.4Ghz 1.5GB RAM
98% Microsoft(tm) Free!!
Neuromancer 10:26:36 up 21:51, 5 users, load average: 0.86, 0.51, 0.54
--
gentoo-server@gentoo.org mailing list
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: [gentoo-server] Can Apache Proxy for a NAT'ed web-server
2005-07-14 2:26 ` Ow Mun Heng
@ 2005-07-14 14:42 ` kashani
0 siblings, 0 replies; 6+ messages in thread
From: kashani @ 2005-07-14 14:42 UTC (permalink / raw
To: gentoo-server
Ow Mun Heng wrote:
> how do I specify the internal example2.com (say ip 192.168.1.1)
> Where does the proxy directive go to?
>
> Thanks for the help in explaining.
Here's a working config from a friend's webserver that proxies his Tivo.
In his setup the ProxyPass and ProxyPassReverse point to the public IP
of the Tivo so you might need to mess with the config a little bit if
it's internal, like maybe turn ProxyRequest On... it's been 6 months or
so since I helped him set it up. I included the Auth stuff as well in
case you needed it, though for a normal webserver you should skip that
stuff. Again IIRC the Location / can be used to point to a dir on the
internal machine. Setting Location /tivo/ would start you at
10.10.10.11/tivo/ rather than just / like in this config.
<VirtualHost *>
ServerName tivo.domain.com
ServerAdmin ops@domain.com
DocumentRoot /var/www/tivo.domain.com/htdocs
TransferLog /var/log/apache/tivo.domain.com-access.log
RefererLog /var/log/apache/tivo.domain.com-referer.log
ErrorLog /var/log/apache/tivo.domain.com-error.log
ProxyRequests Off
ProxyPass / http://10.10.10.11:8088/
ProxyPassReverse / http://10.10.10.11:8088/
<Location />
AllowOverride None
AuthType Basic
AuthName tivo
AuthUserFile /etc/apache/tivopasswd
require valid-user
</Location>
</VirtualHost>
kashani
--
gentoo-server@gentoo.org mailing list
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2005-07-14 14:46 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-13 3:38 [gentoo-server] Can Apache Proxy for a NAT'ed web-server Ow Mun Heng
2005-07-13 15:32 ` Kirk Hoganson
2005-07-13 16:01 ` Ow Mun Heng
2005-07-14 1:29 ` Michael Stewart (vericgar)
2005-07-14 2:26 ` Ow Mun Heng
2005-07-14 14:42 ` kashani
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox