Re: [LARTC] Routing + Proxying

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Pete,

 : I am hoping to set up a pair of web servers that sit behind a firewall.  The
 : firewall will have a single live ip address and the web servers will be
 : internal.  So my question is a simple one, which I doubt there is a simple
 : solution to (if any).... but that's why I'm asking. ;-)
 : In a simple setup of one firewall + one web server, the firewall would map
 : port 80 to the web server's port 80.

Sure....this could be netfilter DNAT.

 : Would there be a way of 'splitting' or 'load balancing' the requests between
 : the two web servers such that one of the two following scenarios is possible
 : (or any others that you can think of):

Yes.

 : 1) Each web server hosts a limited number of web sites & the firewall
 : intelligently distributes the packets based on the requested url to the
 : respective web server.

This would require application layer logic, i.e., a very smart
proxy....you might examine squid [1].

 : 2) Each web server hosts all web sites & the firewall intelligently
 : distributes whole requests to an individual web server.

You should take a look at LVS [2].  This is probably a safer and more
robust solution to the problem you outline in your first paragraph.

 : I've looked into a proxy sitting on the firewall, but this seems to
 : pose an additional problem: if the DNS points at the firewall as the IP
 : address for the individual web site and the proxy is sitting at that
 : address, how does it know to relay the request internally (this is the
 : part that I realise is not LARTC-based).

-Martin

  [1]  http://www.squid-cache.org/
  [2]  http://www.linuxvirtualserver.org/

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx



[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux