Error 500 in lighttpd



  • Hi,

    Fisrt, congratulations for your great project (and sorry about my poor english.. I´m brazilian..)

    I need to balance http request to a pool of webservers, and one of the switch criterias to
    forward requests must be part of URL.

    So, I configured a CARP interface with the virtual IP that I pretend to proxy, and in a shell
    console, I add a line:

    include ("lighttpd-user.inc")

    in file: "/etc/inc/system.inc" line 750, and create a file "/etc/inc/lighttpd-user.inc" as:
    #begin

    server.modules     += ( "mod_accesslog", "mod_status", "mod_proxy" )

    server.errorlog          = "/var/log/lighttpd.error.log"
    accesslog.filename       = "/var/log/lighttpd.access.log"

    status.status-url        = "/server-status"
    status.config-url        = "/server-config"

    $HTTP["host"] == "192.168.3.150" {
      proxy.debug                = 0
      proxy.balance              = "fair"
      proxy.server               = ( "" => ( ( "host" => "192.168.230.50", "port" => 8180 ),
                                             ( "host" => "192.168.230.51", "port" => 8180 ) ) )
    }

    #end

    Just a legend:
      192.168.3.150 -> my pfsense box external ip address (wish I use for management)
      192.168.3.151 -> my Web VIP address
      192.168.230.50 -> One real server
      192.168.230.51 -> Another real server

    as well as appropriated firewall rules, and aparently, things goes just like I thougth..
    but when I put some real load (with jmeter),  sometimes (near 15% of requests),
    I had error 500…

    Someone have already made something like this ? and worked ?

    PS: roud-robin balance not work too...

    thanks..

    Ibere



  • Wait a second.  Your attempting to bench server performance by using the built in webserver!?!?!?!??!?!



  • No.. I´m just trying to use builtin webserver as a proxy to my real webservers;
    but how I need to forward requests based on URL, I cannot use slbd (load balance) service
    supplied regularly by pfsense.



  • This is not supported, do NOT use the built in webserver for this.  Its not made for this and frankly, I cannot believe someone would even attempt this.



  • Ok… bad news.... so, I´m trying to install an apache server to do this..,

    but when I install gcc (thru a pkg_add -r gcc41), do not have links to

    /usr/local/bin/gcc, only for /usr/local/bin/gcc41...

    do you know what I´m doing wrong ?

    btw... the apache22 port does not have mod_proxy included... (so I need to compile)

    tks a lot..



  • @Ibere:

    Ok… bad news.... so, I´m trying to install an apache server to do this..,

    but when I install gcc (thru a pkg_add -r gcc41), do not have links to

    /usr/local/bin/gcc, only for /usr/local/bin/gcc41...

    do you know what I´m doing wrong ?

    btw... the apache22 port does not have mod_proxy included... (so I need to compile)

    tks a lot..

    This is a firewall.  None of this is supported.  Please install and test on a dedicated machine any of your custom items.



  • Ok, you are the boss… I´ll choose another product, but really,
    I don´t agree with "Hey man, this is a firewall, take this apache out of here !!"..
    Reverse proxy is a security feature, and almost all top of line firewalls complies this
    (Connect Control Module of Check Point Firewall-1, Http Proxy of Cisco PIX....)
    I just thought this could (and should) be an important feature.



  • You can do what you want with it.  The point is to not ask for help when doing things beyond the scope of what we offer support for.


Log in to reply