|
Home > Archive > Apache Server configuration support > November 2004 > Moving server behind F5
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Moving server behind F5
|
|
| carcarx@hotmail.com 2004-11-23, 6:11 pm |
| One of our web servers got moved behind an F5 (for eventual load
balancing for another
service on the same box) but I wasn't told about it until after it was
moved.
So, what I need to do is to configure Apache 2 to know to respond to
essentially
rewrite requests it receives from the F5 to its "interior" IP address
back to its
DNS name and known to the world IP address, so that the rest of its web
server pages
can be found and processed.
Any advice about what docs to look at, or, if someone's already done
that,
which configurations to set?
Thank you!
| |
| Davide Bianchi 2004-11-23, 6:11 pm |
| On 2004-11-23, carcarx@hotmail.com <carcarx@hotmail.com> wrote:
> rewrite requests it receives from the F5 to its "interior" IP address
> back to its DNS name and known to the world IP address
ServerName and UseCanonicalName are the two things to check and fix.
See the documentation.
Davide
--
Windows is the best $89 solitaire game you can buy.
| |
| Joachim Ring 2004-11-23, 6:11 pm |
| "carcarx@hotmail.com" <carcarx@hotmail.com> wrote in message news:<1101237237.642177.138240@f14g2000cwb.googlegroups.com>...
> One of our web servers got moved behind an F5 (for eventual load
> balancing for another
> service on the same box) but I wasn't told about it until after it was
> moved.
>
> So, what I need to do is to configure Apache 2 to know to respond to
> essentially
> rewrite requests it receives from the F5 to its "interior" IP address
> back to its
> DNS name and known to the world IP address, so that the rest of its web
> server pages
> can be found and processed.
>
> Any advice about what docs to look at, or, if someone's already done
> that,
> which configurations to set?
is the F5 set up in stream (does the default gw of your box point to
the F5) or is it set up to do source NAT?.
if you set up your box with ServerName being the FQDN of the virtual
server on the F5 that should be fine. As Davide has mentioned,
UseCanonicalNames might help when self-referential URL's are still
wrong, but that hasn't been necessary for me yet.
one thing to think about if the F5 does source NAT is that your logs
will be pretty boring as you don't see real client ip's any more but
just the F5. No way around tht except putting it in stream.
also depending on what healthcheck method is configured on the F5 you
migh see lots of entries from that in your access-log. You might want
to use conditional logging to blank out these dummies.
joachim
| |
| carcarx@hotmail.com 2004-11-24, 8:13 am |
| Thanks. I set ServerName to the interior IP address, and
UseCanonicalName
to "On", to see follow-on links use the interior IP address (and that's
not
how the prepackaged HTML pages recognize themselves, *sigh*).
Will look into other suggestions when the F5 configurer comes back from
Thanksgiving vacation.
Thank you, all!
| |
| carcarx@hotmail.com 2004-11-24, 8:13 am |
| Thanks, Joachim. I believe that the F5 is doing NAT for the destination
(my box).
The default gateway of my box still points outside the F5.
I used tcpdump on my box to see what was going on. (It was my only
choice
after my box was moved behind the F5 without my being told!)
Thanks again, all!
|
|
|
|
|