If we have web servers that only support IPv4, a simple solution is to configure a web server with IPv6 support and use a Reverse Proxy. One IPv6 friendly solution for that is to use Apache HTTP Server with modules for proxying.
Configure it
Setting up a reverse proxy for an entire website is fairly straightforward. As an example I present the case study from my institution where we have some web servers that do not support IPv4 and for this we set up a server with IPv6 support and the reverse proxy with Apache. The configuration that I show is only for a site, but for others is the same. In my IPv6 Web Server I use Debian, Apache2.2 with modules for proxying.
Some resources
Apache2.2 information about mod_proxy. Show at http://httpd.apache.org/docs/2.2/
Configure it
Setting up a reverse proxy for an entire website is fairly straightforward. As an example I present the case study from my institution where we have some web servers that do not support IPv4 and for this we set up a server with IPv6 support and the reverse proxy with Apache. The configuration that I show is only for a site, but for others is the same. In my IPv6 Web Server I use Debian, Apache2.2 with modules for proxying.
At mod_proxy configuration:
<VirtualHost [IPv6_address_of_server]:80>
ServerName www.foo.institution.org
ServerAlias foo.institution.org
ProxyPass / http://www.ipv4foo.institution.org/
ProxyPassReverse / http://www.ipv4foo.institution.org/
ProxyPreserveHost On
LogLevel warn
ErrorLog /var/log/apache2/foo-error.log
CustomLog /var/log/apache2/foo-access.log combined
</VirtualHost>
The parties are key:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
- Enable reverse proxying:
ProxyRequests Off
- Ensure that the downstream server will receive the correct "Host:" header. This option is off by default.
ProxyPreserveHost On
- Indicating how the proxy URI will convert converted as it passes through the Apache proxy server:
ProxyPass / http://www.ipv4foo.institution.org/
ProxyPassReverse / http://www.ipv4foo.institution.org/
- I configured these options for all, but can be configured for each VirtualHost.
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
Finish it
This is not an "open proxy", because we restrict the reverse proxy to a single virtual host. The server serves files to the public, but only for the web sites listed. The configuration presented here facilitates the hosting of a large number of web sites, without having to actually store and synchronize the web site with a central server. The natural flow of proxy->core web server automatically keeps data synchronized. I advise to use of Apache HTTP Server high speed threaded model because of the load and number of connections.Some resources
Apache2.2 information about mod_proxy. Show at http://httpd.apache.org/docs/2.2/
Posts
No comments:
Post a Comment