On Thu, 26 Feb 2004, Tim Neto wrote:

> 1 Squid firewall machine.** Internet: 24.115.66.100** Intranet: 192.168.20.10
> *** 2 Internal Web Servers.
> ************ E-Mail server:* 192.168.20.8:80
> ************ Calendar server:** 192.168.20.9:81


What I am missing from this is how you want the two servers to look like
to the users of the reverse proxy. What URLs should the users request to
end up in the respective server?

> I can if need be re-align the Calendar server to port 80, but...


If you want users to externally request the Calendar server as if it ran
on port 80 you should re-align it to actually run on port 80.

The use of port 81 for public web servers is not recommended. Public web
servers should run on port 80 for http:// or 443 for https://, nothing
else.

The use of different ports in the public URL than what the actual server
runs on is also not recommended, as this often causes problems where the
internal port leaks out to the browsers, often as part of plain normal
operations.

>
> So far I have tried the virtual
>
> ************** httpd_accel_host virtual


this is not what you want to use, as explained earlier. You only want this
directive if you want to provide IP based accelerator setups, and the use
of this directive absolutely REQUIRES a redirector helper to fix up the
URLs accordingly.

In all other accelerator setups httpd_accel_host SHOULD be set to your
main domain name to support prehistoric HTTP/1.0 clients not sending Host
headers.

> ************** httpd_accel_port 80


ok, but you must then use a redirector to rewrite the port to 81 on
requests for the calendar server.

The other alternative is to use two http_port directives and virtual
accelerator port

http_port 80
http_port 81
httpd_accel_port 0

this will use whatever http_port the request was accepted on as port
number in the requested URL.

> ************** httpd_accel_single_host off
> ************** httpd_accel_with_proxy on
> ************** httpd_accel_uses_host_header on


ok.

Regards
Henrik