實驗需求:使用squid搭建反向代理服務器,在內網服務器192.168.100.1上啓用基於域名的虛擬主機,使客戶端能通過域名訪問www.jinjianjun.com和bbs.jinjianjun.com
內網接口eth0(192.168.1.254)
內網web服務器192.168.100.1---------- squid反向代理服務器------------- 公網客戶端1.1.1.1
公網接口eth1(1.1.1.254)
一.配置內網的網站服務器192.168.100.1
可以使用apache或nginx等軟件搭建,本實驗採用nginx搭建
1.安裝nginx軟件並編輯配置文件
# vim /usr/local/nginx/conf/nginx.conf
http {
……
server {
listen 80;
server_name www.jinjianjun.com;
location / {
root /www;
index index.html;
}
}
server {
listen 80;
server_name bbs.jinjianjun.com;
location / {
root /bbs;
index index.html;
}
}
……
2.製作測試網頁文件
# mkdir /www
# mkdir /bbs
# echo www.jinjianjun.com > /www/index.html
# echo bbs.jinjianjun.com > /bbs/index.html
3.啓動服務
# cd /usr/local/nginx/sbin
# ./nginx
二.配置squid反向代理服務器
1.安裝軟件
# yum -y install squid
2.編輯配置文件
# vim /etc/squid/squid.conf
……
# And finally deny all other access to this proxy
#http_access deny all
http_access allow all
# Squid normally listens to port 3128
http_port 80 vhost //監聽80端口讓客戶端訪問
cache_peer 192.168.100.1 parent 80 0 originserver name=www
cache_peer 192.168.100.1 parent 80 0 originserver name=bbs
cache_peer_domain www www.jinjianjun.com
cache_peer_domain bbs bbs.jinjianjun.com
# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?
cache_mem 8 MB
minimum_object_size 0 KB
maximum_object_size 4096 KB
cache_swap_low 90
cache_swap_high 95
# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /var/spool/squid 100 16 256
……
3.釋放80端口並啓動服務
# service httpd stop //本服務器若已啓動網站服務則關閉,或將其開啓在別的端口
# chkconfig httpd off
# service iptables stop
# chkconfig iptables off
# service squid start
# chkconfig squid on
# netstat -tulnp | grep :80
tcp 0 0 :::80 :::* LISTEN 3007/(squid)
三.客戶端1.1.1.1測試
生產環境將www.jinjianjun.com及bbs.jinjianjun.com在DNS服務器內指向反向代理服務器1.1.1.254
測試環境在本機編輯hosts文件解析域名對應的IP
# vim /etc/hosts
1.1.1.254 www.jinjianjun.com
1.1.1.254 bbs.jinjianjun.com
# elinks -dump http://www.jinjianjun.com
www.jinjianjun.com
# elinks -dump http://bbs.jinjianjun.com
bbs.jinjianjun.com