Apache mod_proxy recipies

From braindump
Revision as of 10:59, 12 November 2016 by Uroesch (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


Recipies

IPv6 enable an IPv4 only site with reverse proxying

Prerequisites

  • mod_proxy is loaded
  • mod_http_proxy is loaded
  • An AAAA record in DNS with the same name as the website
  • An A record in DNS like ipv4.<domain> pointing the same IP as the website.
  • Optional: mod_headers if downstream headers need to be modified.
<VirtualHost [2001:db8:d0:d0]:80>
  ServerName  bun.ch
  ServerAlias www.bun.ch
  LogLevel warn
  ErrorLog /var/log/apache2/bun.ch-ipv6-proxy.error.log
  CustomLog /var/log/apache2/bun.ch-ipv6-proxy.access.log combined
  <IfModule mod_proxy.c>
    ProxyRequests On 
    <Proxy http://ipv4.bun.ch/*>
      Order deny,allow
      Allow from all
      ProxySet connectiontimeout=5 timeout=30 
    </Proxy> 
    <LocationMatch "/">
      ProxyPass        http://ipv4.bun.ch/
      ProxyPassReverse http://ipv4.bun.ch/
    </LocationMatch> 
  </IfModule>
</VirtualHost>

Interesting bit here is what Apache sends to the server downstream. Below is a request header observed via tcpudump. Depending on the far end one may need to modify the headers with mod_headers especially the Host: to make this work.

GET /test/ HTTP/1.1
Host: ipv4.bun.ch
User-Agent: Mozilla/5.0 [...]
Accept: text/html,application/xhtml+xml;
Accept-Language: en-US,en;
Accept-Encoding: gzip, deflate
Referer: http://bun.ch/
X-Forwarded-For: 2001:db8::9090
X-Forwarded-Host: bun.ch
X-Forwarded-Server: bun.ch
Connection: Keep-Alive