Arch Linux

satimis

Member

Registered: 2007-03-03

Posts: 186

About Pound

Hi folks,

What will be the use of "pound"?

http://www.apsis.ch/pound/

I don't have a clear picture of its application on reading its website.  Any example?  TIA

B.R.
satimis

chimeric

Member

From: Munich, Germany

Registered: 2007-10-07

Posts: 254

Website

Re: About Pound

Hi,

the most important part describing it's application is in the first sentence on the homepage:

... Pound was developed to enable distributing the load among several Web-servers ...

In short: Say you run a web service (web site) which gets gazillions of hits a day you may need more than one server to be able to run this service, Pound distributes the incoming traffic of this web service to your backend servers in a nice way.

For further information about Load Balancing there's a wikipedia page: http://en.wikipedia.org/wiki/Load_balancing_(computing) (section "For internet services").

HTH

Last edited by chimeric (2008-02-04 17:22:08)

satimis

Member

Registered: 2007-03-03

Posts: 186

Re: About Pound

Hi,

the most important part describing it's application is in the first sentence on the homepage:

... Pound was developed to enable distributing the load among several Web-servers ...

In short: Say you run a web service (web site) which gets gazillions of hits a day you may need more than one server to be able to run this service, Pound distributes the incoming traffic of this web service to your backend servers in a nice way.

For further information about Load Balancing there's a wikipedia page: http://en.wikipedia.org/wiki/Load_balancing_(computing) (section "For internet services").

HTH

Thanks for your advice.

I'm interested on points 3 and 4;

3.   an SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers.
4.   an HTTP/HTTPS sanitizer: Pound will verify requests for correctness and accept only well-formed ones.

The backside story leading to my discovery of "pound" on googling is as follows;

I'm doing a test on virturalization with following setup;
(This is a test NOT for production)

VMWare Server

Ubuntu 7.04 server amd64 (Host)
(Mail Server with SquirrelMail running)
Internal IP addr 192.168.0.10
Port forwarded 80, 443 (orginal setup on router)

CentOS 5 x56_64 (Guest)
(Web Server)
Internal IP addr 192.168.0.20
Port forwarded 8080 (orginal setup on router]

The Mail Server is running w/o problem.  The Web Server can be visited with;

https://public_ip:8080

I expect to exclude ":8080", therefore re-setup the router as follows;

Ports forward to Ubuntu - 80 and 8080
Port forward to CentOS - 443

On CentOS;
======

Edit /etc/httpd/conf/httpd.conf
Add "Listen 443" and comment out;
Listen 80
Listen 8080

# service httpd start

Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

I fixed the problem as follow;

Edit /etc/httpd/conf.d/ssl.conf
comment out "Listen 443"

....
#
# When we also provide SSL we have to listen to the
# the HTTPS port in addition.
#
#Listen 443
...

# service httpd start

Starting httpd:                                            [  OK  ]

https://public_ip
displays Apache default page on CentOS
(Remark - haven't setup homepage yet)

http://public_ip
displays Apache default page on Ubuntu
(Remark - haven't setup homepage yet)

http://public_ip/mail
starts SquirrelMail on Ubuntu

Now my problem is ssl httpd needs listening to port 443.  I can't forward all www ports, 80, 8080 and 443 to CentOS.  Because SquirrelMail on Ubuntu needs web port to run.  It is a web base package.

Do you think "pound" can help me out?  Any suggestion?  TIA.

Furthermore;

I'm at lost what will be the use or advantage to go virtualization? I can't run mail and web server on Host/Guest separately. What shall I make use of the Guest ? Only for testing? I think virtualization will only be suitable for running multiple public IPs.

B.R.
satimis

chimeric

Member

From: Munich, Germany

Registered: 2007-10-07

Posts: 254

Website

Re: About Pound

Now my problem is ssl httpd needs listening to port 443.  I can't forward all www ports, 80, 8080 and 443 to CentOS.  Because SquirrelMail on Ubuntu needs web port to run.  It is a web base package.

Hmmm, I have to admit that I dont fully understand what you like to achive with this setup. Are you talking about 2 different websites or one and the same on both hosts? And do you need https on both, or do you want https forwarded to your CentOS guest only?

However, SqirrelMail doesn't necessarily need any of the webports, you can still setup the apache you run on your Ubuntu install to listen to another port say 8081 and forward it from your router to the machine.

satimis

Member

Registered: 2007-03-03

Posts: 186

Re: About Pound

Now my problem is ssl httpd needs listening to port 443.  I can't forward all www ports, 80, 8080 and 443 to CentOS.  Because SquirrelMail on Ubuntu needs web port to run.  It is a web base package.

Hmmm, I have to admit that I dont fully understand what you like to achive with this setup. Are you talking about 2 different websites or one and the same on both hosts?

2 websites and 2 domains but one public IP addr/WAN

domain-1 directed to Ubuntu (Host)
domain-2 directed to CentOS (Guest)

And do you need https on both, or do you want https forwarded to your CentOS guest only?

Yes, https on both, if possible.  Otherwise forward https to CentOS (Guest)

However, SqirrelMail doesn't necessarily need any of the webports, you can still setup the apache you run on your Ubuntu install to listen to another port say 8081 and forward it from your router to the machine.

I did try forwarding all www ports 80, 443 and 8080 to CentOS (Guest) before.  Then SquirrelMail on Ubuntu (Host) can't start.  I haven't try on another PC whether SM can be started on it?

$ cat /etc/squirrelmail/apache.conf

Alias /squirrelmail /usr/share/squirrelmail

<Directory /usr/share/squirrelmail>
  Options Indexes FollowSymLinks
  <IfModule mod_php4.c>
    php_flag register_globals off
  </IfModule>
  <IfModule mod_php5.c>
    php_flag register_globals off
  </IfModule>
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>

  # access to configtest is limited by default to prevent information leak
  <Files configtest.php>
    order deny,allow
    deny from all
    allow from 127.0.0.1
  </Files>
</Directory>

# users will prefer a simple URL like http://webmail.example.com
#<VirtualHost 1.2.3.4>
#  DocumentRoot /usr/share/squirrelmail
#  ServerName webmail.example.com
#</VirtualHost>

# redirect to https when available (thanks omen@descolada.dartmouth.edu)
#
#  Note: There are multiple ways to do this, and which one is suitable for
#  your site's configuration depends. Consult the apache documentation if
#  you're unsure, as this example might not work everywhere.
#
#<IfModule mod_rewrite.c>
#  <IfModule mod_ssl.c>
#    <Location /squirrelmail>
#      RewriteEngine on
#      RewriteCond %{HTTPS} !^on$ [NC]
#      RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]
#    </Location>
#  </IfModule>
#</IfModule>

Whether changing;

    allow from 127.0.0.1

to;

    allow from public_ip/WAN:8081  (OR 192.168.0.10/LAN:8081)

I can set router as;

pplication  Start   End    Protocol   IP Address    Enable
web          8081   8081  both        192.168.0.10   check

"192.168.0.10" is LAN IP of Ubuntu (Host).  Then forward all www ports, 80 443 and 8080 to "192.168.0.20" (LAN IP of CentOS-Guest) if I don't run web server on Ubuntu.

Can "8081" works on Apache.  It is NOT a standard www port?

TIA

B.R.
satimis

chimeric

Member

From: Munich, Germany

Registered: 2007-10-07

Posts: 254

Website

Re: About Pound

Hmmm, I have to admit that I dont fully understand what you like to achive with this setup. Are you talking about 2 different websites or one and the same on both hosts?

2 websites and 2 domains but one public IP addr/WAN

domain-1 directed to Ubuntu (Host)
domain-2 directed to CentOS (Guest)

Ok, do you have a specific reason why you want to host one domain under Ubuntu and one under CentOs?

I think it would be easier to setup two virtual hosts for both domains on the apache on one of your machines, be it Ubuntu or CentOs.

Last edited by chimeric (2008-02-06 10:13:07)

satimis

Member

Registered: 2007-03-03

Posts: 186

Re: About Pound

Hmmm, I have to admit that I dont fully understand what you like to achive with this setup. Are you talking about 2 different websites or one and the same on both hosts?

2 websites and 2 domains but one public IP addr/WAN

domain-1 directed to Ubuntu (Host)
domain-2 directed to CentOS (Guest)

Ok, do you have a specific reason why you want to host one domain under Ubuntu and one under CentOs?

No, this is only a test on how to make use of the Guest OS.  I have been playing around on port forwarding and encountering some difficulty in the past.  If the Guest can't communicate with WAN, 2/both ways, what will be its use?  Only for testing?

I think it would be easier to setup two virtual hosts for both domains on the apache on one of your machines, be it Ubuntu or CentOs.

Yes, correct.  Domain-2 is a subdomain registered for this test.  I have only one working domain, domain-1.  On production I won't run web and mail servers on Guest.  They should be on Host.  I expect gaining experience on virtualization.  I'm curious to find out the use of Guest OSs.

B.R.
satimi