0

I need to build a reverse proxy to a couple of our developers laptops. I have created a generic hostname, and use the developers laptopnames as virtual folders. Config looks like this:

<VirtualHost 192.168.0.11:443>
   ServerName developer.contoso.com
   ProxyRequests Off
   ProxyPreserveHost On
   SSLEngine On
   SSLProxyEngine On
   SSLCertificateFile "c:/Apache24/conf/ssl/contoso.crt"
   SSLCertificateKeyFile "c:/Apache24/conf/ssl/contoso.key"
   SSLCertificateChainFile "c:/Apache24/conf/ssl/verisign.crt"
   CustomLog "|c:/Apache24/bin/rotatelogs.exe ./logs/c4o.log 10M" combined
   <Location /PC1234/service>
      ProxyPass http://pc1234.contoso.com:8070/service/
      ProxyPassReverse http://pc1234.contose.com:8070/service/
   </Location>
   <Location /PC5678/service>
      ProxyPass http://pc5678.contoso.com:8070/service/
      ProxyPassReverse http://pc5678.contose.com:8070/service/
   </Location>
</VirtualHost>

After restarting the HTTPD everything works as expected and https://developer.contoso.com/PC1234/service is publicly available, until the developers laptopgets another IP address because of a network change. How do I tell HTTPD (on Windows) to regularly flush its DNS cache and resolve the laptop FQDN from our DNS servers again?

Just to be sure: Windows itself knows the new IP address; when I ping the PC1234.contoso.com I always get the proper IP address. Thanks!

Martijn Balink
  • 3
  • 1
  • do not place proxypass directives inside Location, although you can it is quite confusing in the end, specially since both directives are interpreted in different order, also, remember to match trailing slashes, if source ends up in trailing slash destination should too, if not, they should match the same. – Daniel Ferradal Aug 25 '20 at 12:41
  • I have always used the Location directive without issues (our config is not too complex ;-)), I was aware of the slashes issue, the configfile has all the slashes in the right places, some may have gone missing here when I replaced the laptop-names and URLs with bogus data. – Martijn Balink Aug 25 '20 at 14:33
  • @MartjinBalink ok, I just commented on good practices which can come handy later on. Glad to help! – Daniel Ferradal Aug 26 '20 at 19:19

1 Answers1

0

You must plan for disabling connectionreuse with mod_proxy or place a shorter lifespan for the workers used for proxying so they get recycled offten.

So you can either try:

ProxyPass /PC1234/service/ http://pc1234.contoso.com:8070/service/ enablereuse=off

Or, try with shorter ttl, so you get advantage of pooling capabilities of mod_proxy, but make sure those workers are recycled when not used:

ProxyPass /PC1234/service/ http://pc1234.contoso.com:8070/service/ ttl=120
Daniel Ferradal
  • 2,415
  • 1
  • 8
  • 13