Error 500 in lighttpd



  • Hi,

    Fisrt, congratulations for your great project (and sorry about my poor english.. I´m brazilian..)

    I need to balance http request to a pool of webservers, and one of the switch criterias to
    forward requests must be part of URL.

    So, I configured a CARP interface with the virtual IP that I pretend to proxy, and in a shell
    console, I add a line:

    include ("lighttpd-user.inc")

    in file: "/etc/inc/system.inc" line 750, and create a file "/etc/inc/lighttpd-user.inc" as:
    #begin

    server.modules     += ( "mod_accesslog", "mod_status", "mod_proxy" )

    server.errorlog          = "/var/log/lighttpd.error.log"
    accesslog.filename       = "/var/log/lighttpd.access.log"

    status.status-url        = "/server-status"
    status.config-url        = "/server-config"

    $HTTP["host"] == "192.168.3.150" {
      proxy.debug                = 0
      proxy.balance              = "fair"
      proxy.server               = ( "" => ( ( "host" => "192.168.230.50", "port" => 8180 ),
                                             ( "host" => "192.168.230.51", "port" => 8180 ) ) )
    }

    #end

    Just a legend:
      192.168.3.150 -> my pfsense box external ip address (wish I use for management)
      192.168.3.151 -> my Web VIP address
      192.168.230.50 -> One real server
      192.168.230.51 -> Another real server

    as well as appropriated firewall rules, and aparently, things goes just like I thougth..
    but when I put some real load (with jmeter),  sometimes (near 15% of requests),
    I had error 500…

    Someone have already made something like this ? and worked ?

    PS: roud-robin balance not work too...

    thanks..

    Ibere



  • Wait a second.  Your attempting to bench server performance by using the built in webserver!?!?!?!??!?!



  • No.. I´m just trying to use builtin webserver as a proxy to my real webservers;
    but how I need to forward requests based on URL, I cannot use slbd (load balance) service
    supplied regularly by pfsense.



  • This is not supported, do NOT use the built in webserver for this.  Its not made for this and frankly, I cannot believe someone would even attempt this.



  • Ok… bad news.... so, I´m trying to install an apache server to do this..,

    but when I install gcc (thru a pkg_add -r gcc41), do not have links to

    /usr/local/bin/gcc, only for /usr/local/bin/gcc41...

    do you know what I´m doing wrong ?

    btw... the apache22 port does not have mod_proxy included... (so I need to compile)

    tks a lot..



  • @Ibere:

    Ok… bad news.... so, I´m trying to install an apache server to do this..,

    but when I install gcc (thru a pkg_add -r gcc41), do not have links to

    /usr/local/bin/gcc, only for /usr/local/bin/gcc41...

    do you know what I´m doing wrong ?

    btw... the apache22 port does not have mod_proxy included... (so I need to compile)

    tks a lot..

    This is a firewall.  None of this is supported.  Please install and test on a dedicated machine any of your custom items.



  • Ok, you are the boss… I´ll choose another product, but really,
    I don´t agree with "Hey man, this is a firewall, take this apache out of here !!"..
    Reverse proxy is a security feature, and almost all top of line firewalls complies this
    (Connect Control Module of Check Point Firewall-1, Http Proxy of Cisco PIX....)
    I just thought this could (and should) be an important feature.



  • You can do what you want with it.  The point is to not ask for help when doing things beyond the scope of what we offer support for.


Locked