Mailing List Archive: mod_backhand: users

problem with remote-ip behind backhand-front (proxy)

Index | Next | Previous | View Threaded

morpheus at nachtagenten

May 17, 2002, 1:48 AM

Post #1 of 2 (808 views)
Permalink

problem with remote-ip behind backhand-front (proxy)

This is a multi-part message in MIME format.

------=_NextPart_000_0075_01C1FD90.5EBEB900
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hello

First of all, sorry for my english :) (another problem that should be =
solved)

I have read a lot of articles about mod_backhand and I think I have =
found what I am searching for.

Before I am going to set up the machines I want ask some last questions.

I want to set up 2 front-machines (with public IP and RR-DNS-Entry). =
These machines have attached a private network via a second NIC and work =
like a proxy.

To the private network are 3 machines connected which processes the =
requests.

Now I see the following problem (without having it tested):

The Apache on the webservers (private net) receives all requests from =
the two front-machines and don=B4t know the real IP from the visitors.
Thats the problem: The servers running some scripts which need to know =
the real IP (PHP-Based access-control).

I hope you understand my problem.

Perhaps there is a workaround.

Greetings

Nicolas

------=_NextPart_000_0075_01C1FD90.5EBEB900
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2715.400" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hello</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>First of all, sorry for my english :) =
(another=20
problem that should be solved)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I have read a lot of articles about =
mod_backhand=20
and I think I have found what I am searching for.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Before I am going to set up the =
machines I want ask=20
some last questions.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I want to set up 2 front-machines (with =
public IP=20
and RR-DNS-Entry). These machines have attached a private network via a =
second=20
NIC and work like a proxy.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>To the private network are 3 machines =
connected=20
which processes the requests.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Now I see the following problem =
(without having it=20
tested):</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>The Apache on the webservers (private =
net) receives=20
all requests from the two front-machines and don=B4t know the real IP =
from the=20
visitors.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Thats the problem: The servers running =
some scripts=20
which need to know the real IP (PHP-Based access-control).</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I hope you understand my =
problem.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Perhaps there is a =
workaround.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Greetings</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Nicolas</FONT></DIV></BODY></HTML>

------=_NextPart_000_0075_01C1FD90.5EBEB900--

jesus at omniti

May 17, 2002, 7:09 AM

Post #2 of 2 (745 views)
Permalink

problem with remote-ip behind backhand-front (proxy) [In reply to]

Morpheus wrote:

> Now I see the following problem (without having it tested):
>
> The Apache on the webservers (private net) receives all requests from
> the two front-machines and don´t know the real IP from the visitors.
> Thats the problem: The servers running some scripts which need to know
> the real IP (PHP-Based access-control).

(1) You must run mod_backhand on all your machines, mod_backhand is a
peer-based system, even if you are using it as a teired system.
(2) mod_backhand rewrites the IP address on the front end and extracts
it on the backend before PHP gets it... It should be completely
transparent -- Even for single "backend" connections used my mupltiple
fronend requests from different clients.

So, it isn't a problem at all.

--
Theo Schlossnagle
Principal Consultant
OmniTI Computer Consulting, Inc. -- http://www.omniti.com/
Phone: +1 301 776 6376 Fax: +1 410 880 4879
1024D/82844984/95FD 30F1 489E 4613 F22E 491A 7E88 364C 8284 4984
2047R/33131B65/71 F7 95 64 49 76 5D BA 3D 90 B9 9F BE 27 24 E7

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads