实验需求:使用squid搭建反向代理服务器,在内网服务器192.168.100.1上启用基于域名的虚拟主机,使客户端能通过域名访问www.linux.com和bbs.linux.com
内网接口eth0(192.168.1.254)
内网web服务器192.168.100.1---------- squid反向代理服务器------------- 公网客户端1.1.1.1
公网接口eth1(1.1.1.254)
一.配置内网的网站服务器192.168.100.1
可以使用apache或nginx等软件搭建,本实验采用nginx搭建
1.安装nginx软件并编辑配置文件
# vim /usr/local/nginx/conf/nginx.conf
http {
……
server {
listen 80;
server_name www.linux.com;
location / {
root /www;
index index.html;
}
}
server {
listen 80;
server_name bbs.linux.com;
location / {
root /bbs;
index index.html;
}
}
……
2.制作测试网页文件
# mkdir /www
# mkdir /bbs
# echo www.linux.com > /www/index.html
# echo bbs.linux.com > /bbs/index.html
3.启动服务
# cd /usr/local/nginx/sbin
# ./nginx
二.配置squid反向代理服务器
1.安装软件
# yum -y install squid
2.编辑配置文件
# vim /etc/squid/squid.conf
……
# And finally deny all other access to this proxy
#http_access deny all
http_access allow all
# Squid normally listens to port 3128
http_port 80 vhost //监听80端口让客户端访问
cache_peer 192.168.100.1 parent 80 0 originserver name=www
cache_peer 192.168.100.1 parent 80 0 originserver name=bbs
cache_peer_domain www www.linux.com
cache_peer_domain bbs bbs.linux.com
# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?
cache_mem 8 MB
minimum_object_size 0 KB
maximum_object_size 4096 KB
cache_swap_low 90
cache_swap_high 95
# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /var/spool/squid 100 16 256
……
3.释放80端口并启动服务
# service httpd stop //本服务器若已启动网站服务则关闭,或将其开启在别的端口
# chkconfig httpd off
# service iptables stop
# chkconfig iptables off
# service squid start
# chkconfig squid on
# netstat -tulnp | grep :80
tcp 0 0 :::80 :::* LISTEN 3007/(squid)
三.客户端1.1.1.1测试
生产环境将www.linux.com及bbs.linux.com在DNS服务器内指向反向代理服务器1.1.1.254
测试环境在本机编辑hosts文件解析域名对应的IP
# vim /etc/hosts
1.1.1.254 www.linux.com
1.1.1.254 bbs.linux.com
# elinks -dump http://www.linux.com
www.linux.com
# elinks -dump http://bbs.linux.com
bbs.linux.com