Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am just visualizing how a reverse proxy works.
Squid, a open source tool can be configured to work
as a reverse proxy.
Actually a reverse proxy lies inbetween the Internet and the Web server. When a request from a client comes in , the request first goes to the proxy server. The proxy server will look in its cache for the requested page,if it is there in the cache, it will send the requested page to the client or it will forward the request to the original web server.
In such a scenario, the proxy server listens at port 80 and the web server listens at some other port other than normal port 80.The squid is also configured in such a way that request for dynamic contents are forwarded to the original web server.
My confusing is regarding the how the web browsers will know that it has to first contact the proxy server instead of the web server.
One way that can be done which I am thinking is, when I get a registered ip address for my web server , instead of assigning the ip address to the web server , I will assign it to the proxy server. The proxy server is configured in such that any request that comes to it , it will forward it to the web server if the request is not available in its own cache . In that case , the web server will
have a private ip address.
The advantage with reverse proxy is that security of my web server is increased because it is not visible in the internet and also the load on the web server is reduced because the static web pages are served by the proxy server.
Is my understanding is correct. If any guys have implemented reverse proxy , please let me know whether the fact that the DNS will resolve for proxy server instead of web server is correct or not as I mentioned above .
well yes that's exactly it. what you're much more likely to do is say that your firewall is facing the internet. any hits on the firewalls ip address for port 80 will be forwarded to the squid server. that then just uses it's own largely default caching logic to know whether to send the request on to the destination or not, just like any other caching operation. well, nearly just the same, only difference is that the squid box will recieve standard http requests not http-proxy requests, but other than that exactly the same rules apply. also you can look at using squid as a fornt end to a number of seperate boxes, either identical clones or not, to allow a more resilient architecture.
you're wrong to really be asking about a DNS entry or anything, not really relevant. if www.domain.com resolves to a box that runs squid on port 80, what else do you think is going to happen? but as above you would have these boxes on a private LAN with a decent firewall having the actual internet ip addresses.
Okay, I understand that. What I can't figure out is how to allow other traffic from the internet go through squid to a server.
In other words I want to use squid as a reverse proxy for tcp traffic other than http.
How are those acls and rules set up?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.