Fedora Linux Support Community & Resources Center
  #1  
Old 19th January 2009, 07:17 PM
eventhorizons Offline
Registered User
 
Join Date: Jan 2009
Posts: 5
Single IP, virtual hosts, multiple servers

I would like to do something but I'm not sure if it is possible.

I have an internet connection with a single IP. I am running an Apache server hosting mutiple domains for me, my customers and my friends. All the domains are low-traffic and very simple. The most complex is a "web store" used for ordering supplies from a central warehouse for a small group of fast food restraunts. At most it gets 5 orders a day!

My server is located behind a NAT router, with the appropiate ports forwarded to the server.

I want to host a new domain for a potential new business that would function similarly to an employment service. But I don't want to have this running on my main server. I want to put it on a dedicated server so I can dink around with the code and services without risking taking my main server offline for any period of time.

What I want to happen is for requests that come into Apache on the main server for "domain1.com", "domain2.com" and "domain3.com" to be handled by the main server. However, for "domain4.com" I want Apache to pass the request off to another server, where the server-side processing would then occur and the responses sent back to the requestor, either directly or via the main server.

1) Can this be done?

2) What is this called? What Keywords would I use in researching it?

3) Is there anyone who has done this that can give me some guidance?

Thanks in advance, Ken
Reply With Quote
  #2  
Old 19th January 2009, 08:15 PM
neogranas Offline
Registered User
 
Join Date: Nov 2006
Location: U.S.A.
Age: 28
Posts: 473
Two cases to get this working.

1. Set up a reverse proxy* to access each machine based on the request coming in. That can be a headache and I don't know how to set those up but I know that it can be done that way.

2. Get a second dedicated IP. Then open the ports accordingly on each IP.


* A reverse proxy would require another computer all together to handle the incoming requests.
__________________
Registered linux user: #475337

Never underestimate someone with source code, a text editor, and the willingness to completely hose their system.
Reply With Quote
  #3  
Old 19th January 2009, 09:35 PM
eventhorizons Offline
Registered User
 
Join Date: Jan 2009
Posts: 5
A second IP address is the most obvious solution. It would require a different router then I currently use but the bigger problem is that fixed IP's are often treated as triggers to higher (more expensive) classes of service from the ISP. I will look into that possibility.

Another option I saw after doing more research would be to place the second machine's Apache on another port (8080 for example) and configure IPtables (or my router) accordingly and set up redirects on the home page of the main machine's virtual host. Clunky, but would work for initial testing and deployment. My biggest problem with that method is that I have found that some educational and corporate networks (and probably some special purpose ISP's, such as WiFi hotspots) actually block all but specific permitted ports.

Can a "reverse proxy" handle "Name-based" virtual hosting?
Reply With Quote
  #4  
Old 19th January 2009, 09:44 PM
eventhorizons Offline
Registered User
 
Join Date: Jan 2009
Posts: 5
I did some quick research of "reverse proxies" and it seems that there is a Apache module (mod_proxy) that will do just what I am looking for.

http://www.apachetutor.org/admin/reverseproxies describes it in some detail.

I will continue my research, but if anybody has any additional advice I would be more then grateful.

Last edited by eventhorizons; 19th January 2009 at 09:47 PM. Reason: Covert URL to link.
Reply With Quote
  #5  
Old 19th January 2009, 11:58 PM
neogranas Offline
Registered User
 
Join Date: Nov 2006
Location: U.S.A.
Age: 28
Posts: 473
The reverse proxy may work if you have it set up on one machine to check itself first, then check the other server if it can't find what is being requested, but I can't verify that. I'd say a reverse proxy would be your best bet if you can't get a second IP.
__________________
Registered linux user: #475337

Never underestimate someone with source code, a text editor, and the willingness to completely hose their system.
Reply With Quote
  #6  
Old 20th January 2009, 07:22 PM
griffinmt Offline
Registered User
 
Join Date: Oct 2005
Location: Central Michigan
Age: 64
Posts: 190
Smile

Another option is to leave everything pointing to the original server and add a Redirect for the new service.

It would require only a single line added to your httpd.conf file, such as:

Redirect permanent /newservice http://othersystem/newservice

Doing it this way would leave your original system to function normally, with only a small additional network load.

Martyn
Reply With Quote
  #7  
Old 20th January 2009, 09:29 PM
eventhorizons Offline
Registered User
 
Join Date: Jan 2009
Posts: 5
Would using the "redirect" offload the server-side processing activity to the second machine?

I don't mind if the primary machine has to handle the packets back and forth, I just don't want it to have to do the application work.

If the redirect would work, then it sounds like an ideal solution because it is 1) simple, 2) transparent and 3) minimal changes to primary machine.

I had thought of "mounting" the second machine onto the primary, but that would only change the location of the actual files, not where the work is done.
Reply With Quote
  #8  
Old 20th January 2009, 09:47 PM
RobertThiem Offline
Registered User
 
Join Date: Dec 2008
Posts: 7
I've never done a redirect in Apache - is that a HTTP redirect (telling the client browser "no, make a new request for THIS page instead")?
If that's the case the original client would have to be able to connect directly to the other server directly.

If your main server is up all the time I'd go with the reverse proxy option. I use it occasionally to get to something that's not talking to the proxy server at work properly, or very very occasionally to talk to the internal interface of my home modem.

## Proxy for proxied.site.domain
<VirtualHost 192.168.1.4>
ServerAdmin webmaster@YOURDOMAIN
ServerName INTERNETFACING.DNS.NAME.HERE
# Reverse proxy only, don't act as a real proxy server
ProxyRequests Off
ProxyVia Block
ProxyPass / http://INTERNALDNSALIAS/
ProxyPassReverse / http://INTERNALDNSALIAS/
<Proxy *>
AllowOverride All
</Proxy>
CustomLog logs/host/proxiedsite-access_log combined
</VirtualHost>

EDIT: Hey, that reverse proxy page is pretty good - I'll have to have a good look at that.

Last edited by RobertThiem; 20th January 2009 at 09:51 PM.
Reply With Quote
  #9  
Old 20th January 2009, 09:49 PM
brunson Offline
Registered User
 
Join Date: Jun 2005
Location: Westminster, Colorado
Posts: 2,306
A redirect wouldn't work, it would have to proxy. "Redirect permanent /newservice http://othersystem/newservice" would require that other system had a unique IP on the internet. You could use a redirect if you had your router NAT a different port to the different server. http://youripaddress:80 would go to your first server and http://youripaddress:81 could go to the second, then your primary server would redirect any access to http://youripaddress/newsite to http://youripaddress:81/newsite.
__________________
Registered Linux User #4837
411th in line to get sued by Micro$oft
Quote:
Basically, to learn Unix you learn to understand and apply a small set of key ideas and achieve expertise by expanding both the set of ideas and your ability to apply them - Paul Murphy

Last edited by brunson; 20th January 2009 at 09:52 PM.
Reply With Quote
  #10  
Old 20th January 2009, 10:09 PM
eventhorizons Offline
Registered User
 
Join Date: Jan 2009
Posts: 5
Based on the discussion here, there appear to be 3 possible solutions...

1) "Second Fixed IP": Not a exactly a unique solution, as that is the normal way of doing it.

2) "Alternate Port redirect": Inelegant but should work. May not work for all users. Removes all load from primary server.

3) "Reverse Proxy": Apache already has a module for it and looks like it would work. Primary server would still have some network load handling the packets.

Thoughts...?
Reply With Quote
  #11  
Old 21st January 2009, 02:17 AM
RobertThiem Offline
Registered User
 
Join Date: Dec 2008
Posts: 7
Quote:
Originally Posted by eventhorizons View Post
1) "Second Fixed IP": Not a exactly a unique solution, as that is the normal way of doing it.
This removes the single point of failure of the redirector, but adds in a bit of network setup complexity (which may or may not be your thing) and probably a good chunk of ongoing cost.

Quote:
2) "Alternate Port redirect": Inelegant but should work. May not work for all users. Removes all load from primary server.
It makes things look a bit jury rigged. Depends on who's using it. It might be quite adequate for dev/testing, or even production if you have understanding users working from shortcuts. Has the advantage of being very simple unless your web site/app has a bunch of absolute links that are incompatible with the port number. That's bad form anyway.

Quote:
3) "Reverse Proxy": Apache already has a module for it and looks like it would work. Primary server would still have some network load handling the packets.
This is the cheap option that looks clean, but you have a bit more software setup (more packets bouncing around between boxes).

If you're not using multiple IPs/ports something needs to be responsible for receiving the network request and then examining the host header and shuffling it somewhere. Apache and Squid will do that, as will many firewall appliances (often running something like a Squid reverse proxy quietly in the background).

If using Squid you could probably run squid as a reverse proxy on some arbitrary port (eg 8080), set the DNAT on your router to direct external port 80 through to squid port 8080 and then have Squid redirect requests to whichever internal server/port was required. This is more an "enterprise" type solution, but is a little more modular in case you want to move around the Apache server sometime.
Reply With Quote
Reply

Tags
apache, cluster, offload, virtual hosts

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
single sign-in for multiple servers xlancealotx Servers & Networking 1 29th November 2007 09:24 PM
Adding seperate servers as virtual hosts (?) KClaisse Servers & Networking 2 14th November 2007 09:07 PM


Current GMT-time: 10:35 (Wednesday, 23-04-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat