[squid-users] reverse proxies and Host request header

Antony Stone Antony.Stone at squid.open.source.it
Fri Jun 12 19:09:26 UTC 2015


On Friday 12 June 2015 at 17:49:38 (EU time), Julianne Bielski wrote:

> With virtual hosting, the client is asking for a virtual origin server's
> host and DNS enables the ip address for the physical host to respond. The
> virtual host still sees "its" hostname in the host header, not the physical
> host's.

There is no "virtual host" to "see its hostname" in the header.  There is a 
single real web server (which might be a virtual machine, but that's a 
different use of the term "virtual", and doesn't matter here one way or the 
other), which can happily handle requests for multiple websites (which you 
might want to call hostnames, domains, etc).

The single web server never sees its own hostname in the header (assuming that 
its real hostname is not one of the virtual names it serves web pages for), 
and the web service is quite happy with this.

> With a reverse proxy, the backend origin server doesn't see its Host name,
> it sees the proxy's, even though the proxy is an http client with respect
> to the origin server.

The backend server sees the "hostname" (if you want to call it that) of the 
website for which it is supposed to serve pages.

An example might help:

	www.example.com
	www.example.net
	www.example.org
	downloads.example.org

may all have DNS entries pointing to a single IP address.

The machine at that IP address (it doesn't matter what its own hostname is, so 
I won't even suggest what it might be) has a web server configured to respond 
to requests for any of those web sites, therefore clients get the expected 
answers, without necessarily realising that they're all served by the same 
machine at a single IP address.

Now put a reverse proxy in the way - the above hostnames now resolve to the IP 
address of the reverse proxy, it's configured to pass the requests on to the 
appropriate backend server/s, and if that's just a single machine, it is 
configured exactly the same way as the original web server was - it responds to 
requests for any of the virtual site names.


I hope that helps;

Regards,


Antony.

-- 
A user interface is like a joke.
If you have to explain it, it didn't work.

                                                   Please reply to the list;
                                                         please *don't* CC me.


More information about the squid-users mailing list