Is this reverse proxy configuration possible

Question

I will first try to describe the problem I have.

Let's say I have two different http servers running on two different ports behind firewall on my local machine:

SERVER1: http://localhost:8001
SERVER2: http://localhost:8002

Now what I want to do is to expose those two trough one port. Let's say trough port 80 like this:

http://server1.mydomain.com:80
http://server2.mydomain.com:80

The requirement is also that headers are preserved and that client and end servers will not be aware of proxy in between. So if Digest authentication is present on end servers I expect that it will continue to work like there is no proxy in between.

I guess that this could be achieved with transparent reverse proxy but as this is not my field of expertise I am really not sure whether I am looking at the right direction.

So the questions are:

• What is proper way to achieve this?
• Which solutions would make this possible?
• Is there any other way to achieve same effect like described above?

Answer 1

This depends on your reverse proxy product, but this is something that is definitely possible. We use MS TMG for this purpose, it can let clients authenticate directly to the backend, and it can proxy ports as well, but other reverse proxy solutions should be able to do the same.

Answer 2

This is very possible, and quite easy with something like HAProxy.

Your fontend/backend config would look something like this.

frontend http-in
  bind *:80
  mode http
  option forwardfor
  acl isServer1  hdr(host) -i server1.mydomain.com
  acl isServer2  hdr(host) -i server2.mydomain.com

  use_backend server1 if isServer1
  use_backend server2 if isServer2

backend server1
  mode http
  server server1 127.0.0.1:8001 check

backend server2
  mode http
  server server2 127.0.0.1:8002 check