httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Re: [module porting] mod_proxy
Date Wed, 15 Mar 2000 10:22:01 GMT
James Sutherland wrote:

> Sorry - I wasn't meaning a full-blown proxy. Rather, I was thinking in
> terms of the setup many big Apache installations use - a reverse proxy
> front-end, with "full size" Apache backend servers. This proxy doesn't
> handle FTP, or indeed connections to anything other than the backend
> Apache daemons.

I have this exact setup running here.

> Neither case calls for a full Apache server for the front end - the
> latter, in particular, is nothing more than a buffered relay, but for the
> ability to pass information like the remote IP address etc. to the backend
> machines. Squid comes fairly close, but can't handle the encryption for
> the first case, and isn't transparent - the backend boxes see and log
> incoming connections from the front-end, not from the client.

The back end boxes need not see the client IP addresses, they shouldn't
be doing the logging in the first place, as the caching effect of the
frontend proxy would make the logs inaccurate.

We use a front end Apache setup to hide an whole assortment of NT
machines, Unix machines, NSES webservers, Infoseek, etc. None of these
backend boxes do any logging at all - it's all done on the front end.
Suddenly what was a huge problem collating log files in different
formats and on different machines became a simple one - we log in one
place, and in one format.

Multi-tier webserver architectures are normally suggested for load
balancing and failover, but their best use is website management.


View raw message