One DMZ server reverse proxy for 2 websites

 
Thread Tools Search this Thread
Special Forums UNIX and Linux Applications One DMZ server reverse proxy for 2 websites
# 1  
Old 03-09-2018
One DMZ server reverse proxy for 2 websites

Hi All,

Hope this is the correct thread to ask this, if not, can an admin please move it to the correct thread.


Got a wee problem I hope someone can point me in the right direction.

I have Network A with two servers hosting separate webpages (I will call these WP1 & WP2). A DMZ server used for reverse proxy. And Network B where end users can point to URLs that will hit Network A web sites.

DMZ server is ubuntu 16.04

Network A is fine and runs fine for everyone in Network A to display WP1 & WP2.

In DMZ, I can use the URLs in a browser and WP1 loads with normal speed but WP2 loads super slow, but does eventually display.

In the ubuntu DMZ server, the /etc/apache2/sites-available/ I have 2 separate configs, one for each webpage to display.

Also, I have added in the IP of the servers and the hosts file in /etc/hosts

WP1 was configured a few months ago on the DMZ and has worked fine ever since. WPL2 is new to the DMZ (however has been available for Network A for a long time). However (not sure if this is relevant) WP1 is Alphabetically before WP2...
After the config for WP2 on the DMZ was created I ran
Code:
a2ensite name_of_site.domain.conf

Also firewall has been updated to same config as WP1 (for WP2 to work)

why would WP2 run slower?
One DMZ server reverse proxy for 2 websites-capturepng

Last edited by dakelly; 03-09-2018 at 09:18 AM..
# 2  
Old 03-09-2018
On a client on which WP2 loads "super-slow" what happens if you put WP2's IP address in the URL instead of its hostname? Let's prove that the slowness is not a problem in resolving the name.

Also, if you ping WP2 from that client using first the hostname and second the IP address is the response the same speed-wise?
This User Gave Thanks to hicksd8 For This Post:
# 3  
Old 03-09-2018
Hi,

I think I would start with some basics here assuming that the IP's are different, you could try;
  1. Ping the IP Addresses from your work station, check that they are around the same.
  2. Ping the URL for each and look for obvious differences to the IP Address pings.
  3. Run a traceroute from each and look for differences.
  4. Check and make sure that the reverse lookup is the same.

You could also look at things like the network config, between the switches if they are physically different.

It would also be worth looking at the /etc/network/interfaces file on the proxy.

There are just so many possibilities here, it will have to be a process of elimination.

Regards

Gull04

Last edited by gull04; 03-09-2018 at 09:19 AM.. Reason: Correction
This User Gave Thanks to gull04 For This Post:
# 4  
Old 03-09-2018
Quote:
Originally Posted by hicksd8
On a client on which WP2 loads "super-slow" what happens if you put WP2's IP address in the URL instead of its hostname? Let's prove that the slowness is not a problem in resolving the name.

Also, if you ping WP2 from that client using first the hostname and second the IP address is the response the same speed-wise?
I attached an image of what i am trying to do in my original post.


Anyway, using the IP from the DMZ server to the WP1 & WP2 have no difference in speed. WP1 loads fine, WP2 loads very slow

---------- Post updated at 01:31 PM ---------- Previous update was at 01:21 PM ----------

Quote:
Originally Posted by gull04
Hi,

I think I would start with some basics here assuming that the IP's are different, you could try;
  1. Ping the IP Addresses from your work station, check that they are around the same.
  2. Ping the URL for each and look for obvious differences to the IP Address pings.
  3. Run a traceroute from each and look for differences.
  4. Check and make sure that the reverse lookup is the same.

You could also look at things like the network config, between the switches if they are physically different.

It would also be worth looking at the /etc/network/interfaces file on the proxy.

There are just so many possibilities here, it will have to be a process of elimination.

Regards

Gull04
ping & traceroute blocked between networks here, sorry.

Network A these servers are all VMs and on the same subnet.
# 5  
Old 03-09-2018
Hi,

The VM hosting WP2 would be the prime suspect then, although without being able to have a look at timings and routes that will be difficult to prove.

I think that you might have to start at a slightly higher level here;
  1. Are the two VM's hosted on the same Physical and through the same Hypervisor.
  2. Are we talking VMWare, RHEV, XEN or something else.
  3. Do you have the ability to create a test page like a <phpinfo> on WP2?

You may have to have your network team do a traffic analysis to identify why things have gone awry if you don't have the appropriate tools available.

Regards

Gull04
This User Gave Thanks to gull04 For This Post:
# 6  
Old 03-09-2018
I have a feeling it may be the firewall that is the issue.

every end user on Network A can access the WP2 absolutely fine, no issues in speed... so this is not the Server for the WP2 website.

in fact it is mainly used on Network A and is only now being presented to Network B.

I will ask for the firewall to be checked again...

it helps to get others to point you in directions and tests to help get a better idea, especially when you been on it a while.

cheers guys... I will report back when I have more info
# 7  
Old 06-04-2018
It took time,

but the issue was with the firewall never had the correct info
and also on Network B the DNS was not correct.

Cheers for the help.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. IP Networking

Reverse proxy tutorials for webserver?

Hi, one member of WJ forum adviced that i setup an reverse proxy for my webserver. So im curious if anyone know about good, easy noob tutorial on hwo to achieve this, please link to this tutorial how to setup reverse proxy for an webserver. Or better for whole node server with OpenVZ... (1 Reply)
Discussion started by: postcd
1 Replies

2. Red Hat

Configuration Reverse Proxy - https issue

Hi All I need your valuable help on this. Im trying to setup reverse proxy using apache in rhel 5.5. I just started with Apache, and not much idea about going with advance level config, except that i have tried to set up this reverse proxy based on an online guide i found in internet. The... (0 Replies)
Discussion started by: niyas_gk
0 Replies

3. Web Development

Perhaps, different websites on same Apache server.

Reading Apache documentation I come to understand that it can host different websites, either by FQDN or IP address, virtually. Is it possible for an Apache server to run two sites, and no one be able to tell from outside, that they are hosted in the same server? If not possible. Essentially,... (2 Replies)
Discussion started by: Aia
2 Replies

4. UNIX for Advanced & Expert Users

Setup a Reverse Proxy on Squid

Hi all, The scenario is: http://img834.imageshack.us/img834/7990/1234z.jpg - With: + 192.168.100.0/24 : internet link (simulation) + Multiple Websites are hosting in local. + Complete DNS configuration. + OS: CentOS 5 - Requirements: Configure Squid Proxy as... (0 Replies)
Discussion started by: kidzer0
0 Replies

5. UNIX for Advanced & Expert Users

Apache-Reverse proxy and load balancing

Hi All, I have a webpage loaded on server1 with authorization enabled by .htaccess, which can be accessed by http://ipofserver1/index.html. Now im planning a high availabilty load balancing in such a way that if the server1 is down due to some reason it should connect to another server. i have... (1 Reply)
Discussion started by: Tuxidow
1 Replies

6. UNIX for Advanced & Expert Users

How do you manage your DMZ server accounts?

I'd just like to know what you use for user account management on your DMZ servers? Do you use the same authentication realm as internally? Do you use a different authentication realm, perhaps only for the DMZ? Do you use local accounts? (2 Replies)
Discussion started by: humbletech99
2 Replies

7. IP Networking

Software/tool to route an IP packet to proxy server and capture the Proxy reply as an

Hi, I am involved in a project on Debian. One of my requirement is to route an IP packet in my application to a proxy server and receive the reply from the proxy server as an IP packet. My application handles data at the IP frame level. My application creates an IP packet(with all the necessary... (0 Replies)
Discussion started by: Rajesh_BK
0 Replies

8. UNIX for Dummies Questions & Answers

Reverse Proxy difficulty

Hi I am trying to set up two hosts in a reverse proxy. The reverse proxy already has 8 servers running perfectly, but they are all simply mapping pure addresses, which I have registered internally and externally. The latest two I wish to add are a bit different, they are app servers, one... (1 Reply)
Discussion started by: rboekdrukker
1 Replies

9. Linux

Reverse Proxy

I have configured reverse proxy through apache...conf file is attached My reverse proxy has a public ip.it is redirecting the request to 172.16.1.43 which is http server.....Now i have a link in Http server's home page which will redirect the request to another Lan zone machine... (0 Replies)
Discussion started by: dipanrc
0 Replies
Login or Register to Ask a Question