Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: One DMZ server reverse proxy for 2 websites
Special Forums UNIX and Linux Applications One DMZ server reverse proxy for 2 websites Post 303014323 by gull04 on Friday 9th of March 2018 08:52:53 AM
Old 03-09-2018
Hi,

The VM hosting WP2 would be the prime suspect then, although without being able to have a look at timings and routes that will be difficult to prove.

I think that you might have to start at a slightly higher level here;
  1. Are the two VM's hosted on the same Physical and through the same Hypervisor.
  2. Are we talking VMWare, RHEV, XEN or something else.
  3. Do you have the ability to create a test page like a <phpinfo> on WP2?

You may have to have your network team do a traffic analysis to identify why things have gone awry if you don't have the appropriate tools available.

Regards

Gull04
This User Gave Thanks to gull04 For This Post:
dakelly
 

9 More Discussions You Might Find Interesting

1. Linux

Reverse Proxy

I have configured reverse proxy through apache...conf file is attached My reverse proxy has a public ip.it is redirecting the request to 172.16.1.43 which is http server.....Now i have a link in Http server's home page which will redirect the request to another Lan zone machine... (0 Replies)
Discussion started by: dipanrc
0 Replies

2. UNIX for Dummies Questions & Answers

Reverse Proxy difficulty

Hi I am trying to set up two hosts in a reverse proxy. The reverse proxy already has 8 servers running perfectly, but they are all simply mapping pure addresses, which I have registered internally and externally. The latest two I wish to add are a bit different, they are app servers, one... (1 Reply)
Discussion started by: rboekdrukker
1 Replies

3. IP Networking

Software/tool to route an IP packet to proxy server and capture the Proxy reply as an

Hi, I am involved in a project on Debian. One of my requirement is to route an IP packet in my application to a proxy server and receive the reply from the proxy server as an IP packet. My application handles data at the IP frame level. My application creates an IP packet(with all the necessary... (0 Replies)
Discussion started by: Rajesh_BK
0 Replies

4. UNIX for Advanced & Expert Users

How do you manage your DMZ server accounts?

I'd just like to know what you use for user account management on your DMZ servers? Do you use the same authentication realm as internally? Do you use a different authentication realm, perhaps only for the DMZ? Do you use local accounts? (2 Replies)
Discussion started by: humbletech99
2 Replies

5. UNIX for Advanced & Expert Users

Apache-Reverse proxy and load balancing

Hi All, I have a webpage loaded on server1 with authorization enabled by .htaccess, which can be accessed by http://ipofserver1/index.html. Now im planning a high availabilty load balancing in such a way that if the server1 is down due to some reason it should connect to another server. i have... (1 Reply)
Discussion started by: Tuxidow
1 Replies

6. UNIX for Advanced & Expert Users

Setup a Reverse Proxy on Squid

Hi all, The scenario is: http://img834.imageshack.us/img834/7990/1234z.jpg - With: + 192.168.100.0/24 : internet link (simulation) + Multiple Websites are hosting in local. + Complete DNS configuration. + OS: CentOS 5 - Requirements: Configure Squid Proxy as... (0 Replies)
Discussion started by: kidzer0
0 Replies

7. Web Development

Perhaps, different websites on same Apache server.

Reading Apache documentation I come to understand that it can host different websites, either by FQDN or IP address, virtually. Is it possible for an Apache server to run two sites, and no one be able to tell from outside, that they are hosted in the same server? If not possible. Essentially,... (2 Replies)
Discussion started by: Aia
2 Replies

8. Red Hat

Configuration Reverse Proxy - https issue

Hi All I need your valuable help on this. Im trying to setup reverse proxy using apache in rhel 5.5. I just started with Apache, and not much idea about going with advance level config, except that i have tried to set up this reverse proxy based on an online guide i found in internet. The... (0 Replies)
Discussion started by: niyas_gk
0 Replies

9. IP Networking

Reverse proxy tutorials for webserver?

Hi, one member of WJ forum adviced that i setup an reverse proxy for my webserver. So im curious if anyone know about good, easy noob tutorial on hwo to achieve this, please link to this tutorial how to setup reverse proxy for an webserver. Or better for whole node server with OpenVZ... (1 Reply)
Discussion started by: postcd
1 Replies

LEARN ABOUT DEBIAN

nslint

nslint(8)						      System Manager's Manual							 nslint(8)

NAME

       nslint - perform consistency checks on dns files

SYNOPSIS

       nslint [ -d ] [ -c named.conf ] [ -C nslint.conf ]
       nslint [ -d ] [ -b named.boot ] [ -B nslint.boot ]

DESCRIPTION

       Nslint reads the nameserver configuration files and performs a number of consistency checks on the dns records. If any problems are discov-
       ered, error messages are displayed on stderr and nslint exits with a non-zero status.

       Here is a partial list of errors nslint detects:

	      Records that are malformed.

	      Names that contain dots but are missing a trailing dot.

	      PTR records with names that are missing a trailing dot.

	      Names that contain illegal characters (rfc1034).

	      A records without matching PTR records

	      PTR records without matching A records

	      Names with more than one address on the same subnet.

	      Addresses in use by more than one name.

	      Names with CNAME and other records (rfc1033).

	      Unknown service and/or protocol keywords in WKS records.

	      Missing semicolons and quotes.

OPTIONS

       -b     Specify an alternate named.boot file. The default is /etc/named.boot.

       -c     Specify an alternate named.conf file. The default is /etc/named.conf.

       -B     Specify an alternate nslint.boot file. The default is nslint.boot in the last directory line processed in named.boot (or the current
	      working  directory).   This  file is processed like a second named.boot.	The most common use is to tell nslint about A records that
	      match PTR records that point outside the domains listed in named.boot.

       -C     Specify an alternate nslint.conf file. The default is nslint.conf in the last directory line processed in named.conf (or the current
	      working directory).  This file is processed like a second named.conf.

       -d     Raise the debugging level. Debugging information is displayed on stdout.

       Nslint  knows  how  to read BIND 8 and 9's named.conf configuration file and also older BIND's named.boot file. If both files exist, nslint
       will prefer named.conf (on the theory that you forgot to delete named.boot when you upgraded BIND).

ADVANCED CONFIGURATION

       There are some cases where it is necessary to use the advanced configuration features of nslint.  Advanced configuration is done  with  the
       nslint.conf file. (You can also use nslint.boot which has a syntax similar to named.boot but is not described here.)

       The  most  common  is when a site has a demilitarized zone (DMZ).  The problem here is that the DMZ network will have PTR records for hosts
       outside its domain. For example lets say we have 128.0.rev with:

	      1.1     604800  in      ptr     gateway.lbl.gov.
	      2.1     604800  in      ptr     gateway.es.net.

       Obviously we will define an A record for gateway.lbl.gov pointing to 128.0.1.1 but we will get errors because there is no A record  defined
       for gateway.es.net.  The solution is to create a nslint.conf file (in the same directory as the other dns files) with:

	      zone "es.net" {
		     type master;
		     file "nslint.es.net";
	      };

       And then create the file nslint.es.net with:

	      gateway 1       in      a       128.0.1.2

       Another	problem  occurs  when there is a CNAME that points to a host outside the local domains. Let's say we have info.lbl.gov pointing to
       larry.es.net:

	      info    604800  in      cname   larry.es.net.

       In this case we would need:

	      zone "es.net" {
		     type master;
		     file "nslint.es.net";
	      };

       in nslint.boot and:

	      larry   1       in      txt     "place holder"

       nslint.es.net.

       One last problem when a pseudo host is setup to allow two more more actual hosts provide a service. For, let's say that lbl.gov contains:

	      server  604800  in      a       128.0.6.6
	      server  604800  in      a       128.0.6.94
	      ;
	      tom     604800  in      a       128.0.6.6
	      tom     604800  in      mx 0    lbl.gov.
	      ;
	      jerry   604800  in      a       128.0.6.94
	      jerry   604800  in      mx 0    lbl.gov.

       In this case nslint would complain about missing PTR records and ip addresses in use by more than one host.  To	suppress  these  warnings,
       add you would the lines:

	      zone "lbl.gov" {
		     type master;
		     file "nslint.lbl.gov";
	      };

	      zone "0.128.in-addr.arpa" {
		     type master;
		     file "nslint.128.0.rev";
	      };

       to nslint.conf and create nslint.lbl.gov with:

	      server  1       in      allowdupa       128.0.6.6
	      server  1       in      allowdupa       128.0.6.94

       and create nslint.128.0.rev with:

	      6.6     604800  in      ptr     server.lbl.gov.
	      94.6    604800  in      ptr     server.lbl.gov.

       In  this example, the allowdupa keyword tells nslint that it's ok for 128.0.6.6 and 128.0.6.94 to be shared by server.lbl.gov, tom.lbl.gov,
       and jerry.lbl.gov.

       Another nslint feature helps detect hosts that have mistakenly had two ip addresses assigned on the same subnet. This can happen  when  two
       different  people  request an ip address for the same hostname or when someone forgets an address has been assigned and requests a new num-
       ber.

       To detect such A records, add a nslint section to your nslint.conf containing something similar to:

	      nslint {
		     network "128.0.6/22";
	      };

       or:

	      nslint {
		     network "128.0.6 255.255.252.0";
	      };

       These two examples are are equivalent ways of saying the same thing; that subnet 128.0.6 has a 22 bit wide subnet mask.

       Using information from the above network statement, nslint would would flag the following A records as being in error:

	      server  1       in      a       128.0.6.48
	      server  1       in      a       128.0.7.16

       Note that if you specify any network lines in your nslint.conf file, nslint requires you to include lines for all networks;  otherwise  you
       might forget to add network lines for new networks.

       Sometimes you have a zone that nslint just can't deal with. A good example is a dynamic dns zone. To handle this, you can add the following
       to nslint.com:

	      nslint {
		     ignorezone "dhcp.lbl.gov";
	      };

       This will suppress "name referenced without other records" warnings.

FILES

       /etc/named.conf - default named configuration file
       /etc/named.boot - old style named configuration file
       nslint.conf - default nslint configuration file
       nslint.boot - old style nslint configuration file

SEE ALSO

       named(8), rfc1033, rfc1034

AUTHOR

       Craig Leres of the Lawrence Berkeley National Laboratory, University of California, Berkeley, CA.

       The current version is available via anonymous ftp:

	      ftp://ftp.ee.lbl.gov/nslint.tar.gz

BUGS

       Please send bug reports to nslint@ee.lbl.gov.

       Not everyone is guaranteed to agree with all the checks done.

4th Berkeley Distribution					    2 May 2002								 nslint(8)
All times are GMT -4. The time now is 12:13 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy