Re: Problem with DNS lookup caching in reverse proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- "Slawomir R. Janotta" <s.janotta@xxxxxxxxx> wrote:

> Hi everybody,
> I am facing a problem which I cannot solve in a satisfying way and
> after
> searching the known resources for a while I wonder if anyone has ever
> solved a similiar one.
> 
> Let me first describe the situation I have here.
> 
> I am using a reverse proxy installation to access a backend server
> transparently. However, there are in fact two backend machines instead
> of
> one and they are configured in a cold stand-by way meaning only one
> is
> ever running.
> 
> Additionally there is a special dns-resolver which supplies the ip
> address
> of only one of the backend machines depending on which one is running
> at
> the moment during DNS name resolving. This works perfectly as I can
> check
> each time after the switch-over with a simple nslookup command.
> 
> The definition of the reverse proxy clause is like this:
> 
> NameVirtualHost 192.168.100.10:443
> <VirtualHost 192.168.100.10:443>
>     SSLEngine ON
>     SSLProxyEngine ON
>     ProxyPass / https://backend.mydomain.com:8080/
>     ProxyPassReverse / https://backend.mydomain.com:8080/
> </VirtualHost>
> 
> Where 192.168.100.10 is the address of the reverse proxy machine and
> the
> fully qualified name of backend.mydomain.com is the logical name of
> the
> service which the dns-resolver resolves to either one of the backend
> servers depending on their run status.
> 
> When I access the backend service over the reverse proxy the Apache
> server
> running as the reverse proxy caches the IP address of the then
> running
> backend server. Now if I switch the servers, shutting one down and
> bringing the other up and updating the dns-resolver, I can see that
> the
> dns-resolving mechanism works but the reverse proxy still uses the
> cached
> IP address of the now defunct backend server.

Would it be a viable option for you to not use the DNS method, and
instead do something like:

<Proxy balancer://notsohotcluster>
  BalanceMember https://backend1.mydomain.com:8080/
  BalanceMember https://backend1.mydomain.com:8080/ status=+H
</Proxy>

ProxyPass / balancer://notsohotcluster
ProxyPassReverse / balancer://notsohotcluster

This will (probably) simply mitigate the DNS problem.
 
> Regards
> Slawo

i

-- 
Igor GaliÄ

Tel: +43 (0) 664 886 22 883
Mail: i.galic@xxxxxxxxxxxxxx
URL: http://brainsware.org/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux