The company has a public network IP, there are two Apache servers, the need is to make Apache server map to the public network, so that public network users can access, however, if the router mapping is not very good, because the IP map on the router is "private network IP: Port" <> " Public IP: Corresponding port ", two private network Apache server content is different, but are 80 ports, do not do mapping. If you want to do it, you can 192.168.10.38:80 210.22.3.91:80
192.168.10.40:80 210.22.3.91:81
In this case, you can only let customers add port access, this is not very friendly, it is thought to do nginx reverse proxy
Nginx compiled installation Here is slightly, the main reverse proxy code is as follows
To edit a reverse proxy server configuration file:
Vim/usr/local/nginx/conf/reverse-proxy.conf
Server
{
Listen 80;
server_name www.aaa.com;
Location/{
Proxy_redirect off;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
Proxy_pass http://192.168.10.38:80;
}
Access_log Logs/www.aaa.com_access.log;
}
Server
{
Listen 80;
server_name www.ccc.com;
Location/{
Proxy_redirect off;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
Proxy_pass http://192.168.10.40:80;
}
Access_log Logs/www.ccc.com_access.log;
}
then reload the Nginx configuration file to make it effective, and then point the www.aaa.com and www.ccc.com domain names to the company staticIP, that is, when requesting DNS, directly apply for two domain names plus the company's public network IP, such as: 210.22.3.91 www.aaa.com www.ccc.com, so you can do it. Enter in the browser www.aaa.com When accessing the intranet server 192.168.10.38 80 port, enter the role of www.ccc.com access 192.168.10.40 80 port. Here is a problem, I in the network server in fact there are three 80 ports, two Apache an nginx is 80 port, these three servers are external to a whole, are 80 ports, So when I go from the public network is the external network to visit www.aaa.com or to visit www.ccc.com, how can I guarantee that access is the Nginx proxy server it? One of the Nginx Proxy Server intranet IP is 192.168.10.37, the external network IP is 210.22.3.91.
650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/>650 "this.width=650;" src= "http ://s4.51cto.com/wyfs02/m01/8c/08/wkiom1hfelzx1wgraaawcrwo834711.png-wh_500x0-wm_3-wmp_4-s_4110980461.png "title = "999.png" alt= "Wkiom1hfelzx1wgraaawcrwo834711.png-wh_50"/>
So first put aside these questions do not say, first of all, say the principle, nginx reverse proxy, the client is not aware of the external network server exists, that is, he just follow the DNS server resolution, To visit www.aaa.com, directly to find 210.22.3.91 this ip,nginx see request is www.aaa.com, in the proxy configuration to find, in fact, corresponds to the intranet 192.168.10.38:80, so Nginx will go to the content of this page to take over as their own things to visit Ask the person, as if the content itself is his own. For visitors, the Nginx proxy server is the "server He wants"
According to the principle I personally think that the remaining two Apache servers to establish a firewall, that is, only allow the Nginx server access to its 80 ports, and the rest of the host to 80 port access is denied. This can solve the external network host to access www.aaa.com or www.ccc.com, will go directly to the Nginx proxy server. So that the Nginx proxy server to play a role.
Reference: http://www.ttlsa.com/nginx/use-nginx-proxy/
Understanding and practical application of Nginx load Balancing