Mod proxy » History » Revision 25
Revision 24 (gstrauss, 2016-12-24 03:03) → Revision 25/43 (gstrauss, 2017-04-09 17:34)
h1. The Proxy Interface
{{>toc}}
*Module: mod_proxy*
h3. Description
h3. Options
lighttpd provides the Proxy support via the proxy-module (mod_proxy) which provides the following options in the config-file:
* proxy.server: tell proxy.debug: a value between 0 and 65535 to set the module where debug-level in the Proxy module. Currently only 0 and 1 are used. Use 1 to send Proxy requests to. Every file-extension can have its own handler. Load-balancing is done by specifying multiple hosts for the same extension. enable some debug output, 0 to disable it. Note: Use 'enable|disable' in v1.4.13.
* proxy.balance: might be one of 'fair' (default), 'hash', 'round-robin' or 'sticky'.
** 'fair' is the normal load-based, passive balancing.
** 'round-robin' chooses another host for each request.
** 'hash' is generating a hash over the request-uri and makes sure that the same request URI is sent to always the same host. That can increase the performance of the backend servers a lot due to higher cache-locality.
** 'sticky' (since 1.4.44) sends requests from the same (client) IP to the same backend.
* proxy.replace-http-host: enable/disable replacing Host header in request to backend with proxy.server label (default: disable) (since 1.4.44)
* proxy.forwarded = append "Forwarded" header (RFC7239) proxy.server: tell the module where to proxied send Proxy requests (since 1.4.46)
* proxy.debug: a value between 0 and 65535 to set to. Every file-extension can have its own handler. Load-balancing is done by specifying multiple handles for the debug-level in the Proxy module. Currently only 0 and 1 are used. Use 1 to enable some debug output, 0 to disable it. Note: Use 'enable|disable' in v1.4.13. same extension.
Structure of proxy.server section:
<pre>
( <extension> =>
( [ <label> => ]
( "host" => <string> ,
"port" => <integer> ),
( "host" => <string> ,
"port" => <integer> )
),
<extension> => ...
)
</pre>
* <extension>: is the file-extension or prefix (if started with "/"); can be empty ("") to match all requests
* <label>: optional name that shows up in the generated statistics of mod_status, useful for indicating which backend handler processed this extension
* "host": is ip of the proxy server _*DO not* use hostnames here! only IP addresses<br>
(since 1.4.36:) if host starts with a @"/"@ lighttpd will try to connect to the unix domain socket
* "port": is tcp-port on the "host" used by the proxy server (default: 80)
e.g.:
<pre>
proxy.server = ( ".jsp" =>
( (
"host" => "10.0.0.242",
"port" => 81
) )
)
</pre>
proxy.forwarded (since 1.4.46) is a list of parameters to include in "Forwarded". It is not enabled by default. To provide the same information as X-Forwarded-For and X-Forwarded-Proto, enable "for" and "proto". The "remote_user" is a lighttpd extension to the Forwarded header and, if enabled, adds the authenticated user set by mod_auth.
<pre>
proxy.forwarded = ( "for" => 1,
"proto" => 1,
#"host" => 1,
#"by" => 1,
#"remote_user" => 1
)
</pre>
h3. Example
Using lighttpd + mod_proxy in front of 8 Squids which handle the caching of dynamic content for you. All requests for the host www.example.org should be forwarded to the proxy. All proxies listen on port 80 for requests.
<pre>
$HTTP["host"] == "www.example.org" {
proxy.balance = "hash"
proxy.server = ( "" => ( ( "host" => "10.0.0.10" ),
( "host" => "10.0.0.11" ),
( "host" => "10.0.0.12" ),
( "host" => "10.0.0.13" ),
( "host" => "10.0.0.14" ),
( "host" => "10.0.0.15" ),
( "host" => "10.0.0.16" ),
( "host" => "10.0.0.17" ) ) )
}
</pre>
If one of the hosts goes down the all requests for this one server are moved equally to the other servers. If you want to know more about the algorithm used here, "google" for 'Microsoft CARP'.
h3. Troubleshooting
If you are getting:
2007-05-02 09:45:48: (mod_proxy.c.397) connect failed: 8 Network is unreachable 101
2007-05-02 09:45:48: (mod_proxy.c.871) proxy-server disabled: blabla.com 80 8
2007-05-02 09:45:48: (mod_proxy.c.1229) no proxy-handler found for: /
Check if you have used an IP address for the proxy address. Hostnames are *not* allowed there!
h3. User-contributed Enhancements
*Use of these patches is _not_ recommended (gstrauss)*
Remove HTTP headers X-Forwarded-For, X-Host, X-Forwarded-Proto, replace HTTP headers Host with proxy hostname ("name", then "host") from headers, and support hostnames by gethostbyname. You can get the patch from this page.
<pre>
( "" =>
( "nkbbs.org" => # name
( "host" => "202.113.16.117",
"port" => 80
)
)
)
</pre>
In the configuration of above, this will replace Host with "nkbbs.org"(name). But if the name is shorter than the shortest hostname("g.cn"?), mod_proxy will use Host as "host".