Problem with HTTP_HOST - do I need L7 switching?

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Problem with HTTP_HOST - do I need L7 switching?
From:	Guy Waugh <gwaugh@xxxxxxxxxx>
Date:	Wed, 24 Sep 2003 15:51:50 +1000

Hi all,

I'm currently setting up an LVS-NAT system with two directors and tworealservers. The realservers run a proprietary application which usesapache (what I will call 'Port 80 apache'), tomcat and another apacherunning on port 8008 with modperl (what I will call 'modperl apache'). Theapplication also uses an Oracle database on a separate server (unknown tothe directors). The realservers listen on port 80, and all traffic to/fromthe realservers goes through this port.

When I install the proprietary software on a realserver, it doesn'tinitially work; the only thing one sees when one hits it with a browser is'proxy error'. This is because of these lines in the Port 80 apachehttpd.conf file:

    RewriteRule ^/index.html http://%{HTTP_HOST}:8008/index.html [P]
    RewriteRule ^/bin(.*).pl(.*) http://%{HTTP_HOST}:8008/bin$1.pl$2 [P]
    RewriteRule ^/@@(.*) http://%{HTTP_HOST}:8008/@@$1 [P]
    RewriteRule ^/%40%40(.*) http://%{HTTP_HOST}:8008/@@$1 [P]

What appears to be happening is that the client hits the VIP (on the activedirector), and the director passes the hit through to the appropriaterealserver with, apparently, an HTTP Host: header of the VIP. Port 80apache on the realserver sees this Host: header, and as a result, theRewriteRules would appear to redirect the hit to port 8008 on the VIP(which of course doesn't exist). Hence the proxy error.

To fix this, I've manually edited the httpd.conf file above and replaced'%{HTTP_HOST}' with the actual FQDN of the realserver. However, I'mwondering if this is but the tip of the proverbial iceberg; a 'grep -r'through the application's files for 'HTTP_HOST' turns up quite a fewoccurrences of it.

I'm assuming that, if my LVS director could rewrite the Host: header to bethe FQDN of the realserver to which it will send the hit, that would fixthis problem. Is this correct? If so, from a quick read of LVS doco,mailing archives etc., it looks like I need a Layer 7 switch? If so, wouldit be ktcpvs or something similar?

Please forgive my somewhat neonatal understanding of this issue - from acouple of hours' reading this afternoon, my brain hurts ;-)


Thanks and Regards,
Guy.

<Prev in Thread]	Current Thread	[Next in Thread>
Problem with HTTP_HOST - do I need L7 switching?, Guy Waugh <= Re: Problem with HTTP_HOST - do I need L7 switching?, Horms Re: Problem with HTTP_HOST - do I need L7 switching?, Guy Waugh Re: Problem with HTTP_HOST - do I need L7 switching?, Joseph Mack Re: Problem with HTTP_HOST - do I need L7 switching?, Horms Re: Problem with HTTP_HOST - do I need L7 switching?, Joseph Mack Re: Problem with HTTP_HOST - do I need L7 switching?, Horms Re: Problem with HTTP_HOST - do I need L7 switching?, Joseph Mack Re: Problem with HTTP_HOST - do I need L7 switching?, Horms Re: Problem with HTTP_HOST - do I need L7 switching?, Joseph Mack Re: Problem with HTTP_HOST - do I need L7 switching?, Guy Waugh

Previous by Date:	about usagi-linux24-stable-20020101.tar, jinjian
Next by Date:	Linux Director Reliability, Horms
Previous by Thread:	about usagi-linux24-stable-20020101.tar, jinjian
Next by Thread:	Re: Problem with HTTP_HOST - do I need L7 switching?, Horms
Indexes:	[Date] [Thread] [Top] [All Lists]