| 1 |
James wrote: |
| 2 |
> So the best I can do is forward all traffic( 80, 443, etc) for the |
| 3 |
> group of websites to a proxy behind the firewall, then use software |
| 4 |
> such as what kashani suggested (proxypass, Squid, ngnix, |
| 5 |
> lighttpd, or Varnish) and parse the traffic with some form of |
| 6 |
> vhosts implementation on a single server (nated IP)? |
| 7 |
|
| 8 |
That's not quite correct. |
| 9 |
|
| 10 |
Let's assume you don't install anything on the firewall. Instead you'll |
| 11 |
forward port 80 to a single server internally on port 4080 which you've |
| 12 |
set Squid, Varnish, Ngnix, or Lighttpd to listen on. |
| 13 |
|
| 14 |
internet -> firewall:80 -> server1:4080 |
| 15 |
|
| 16 |
Your proxy accepts the connection and then looks at its config or in |
| 17 |
most case the proxy is smart enough to use DNS to go to the server it |
| 18 |
needs. Using DNS might be an issue in your case since the IPs will |
| 19 |
resolve to the single public IP. |
| 20 |
|
| 21 |
site1 -> server1:80 |
| 22 |
site2 -> server2:80 |
| 23 |
site3 -> server3:3128 |
| 24 |
site4 -> server1:80 |
| 25 |
site5 -> server123.dreamhost.com:80 |
| 26 |
site6 -> localhost:80 |
| 27 |
site6/newapp -> server7:80 |
| 28 |
site6/newapp1 -> server8:80 |
| 29 |
and so on. You can really do just about anything here. |
| 30 |
|
| 31 |
All connections are going to come through your proxy, but the serving of |
| 32 |
the pages will be done by the web servers. I would not worry about the |
| 33 |
number of connections to your proxy, all the proxy solutions list above |
| 34 |
about are capable of handling a few thousand connections. |
| 35 |
|
| 36 |
Here's the link to the Apache proxy module. It should give you some |
| 37 |
ideas on what you can do. I recommend using some other proxy software |
| 38 |
than Apache just to simplify the setup and make it easier to hold the |
| 39 |
system in your head. Also prefork Apache is the slowest and uses the |
| 40 |
most resources of your options which is another reason to use a seperate |
| 41 |
proxy. |
| 42 |
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html |
| 43 |
|
| 44 |
kashani |
Archives