One DMZ server reverse proxy for 2 websites

Hi All,

Hope this is the correct thread to ask this, if not, can an admin please move it to the correct thread.

Got a wee problem I hope someone can point me in the right direction.

I have Network A with two servers hosting separate webpages (I will call these WP1 & WP2). A DMZ server used for reverse proxy. And Network B where end users can point to URLs that will hit Network A web sites.

DMZ server is ubuntu 16.04

Network A is fine and runs fine for everyone in Network A to display WP1 & WP2.

In DMZ, I can use the URLs in a browser and WP1 loads with normal speed but WP2 loads super slow, but does eventually display.

In the ubuntu DMZ server, the /etc/apache2/sites-available/ I have 2 separate configs, one for each webpage to display.

Also, I have added in the IP of the servers and the hosts file in /etc/hosts

WP1 was configured a few months ago on the DMZ and has worked fine ever since. WPL2 is new to the DMZ (however has been available for Network A for a long time). However (not sure if this is relevant) WP1 is Alphabetically before WP2...
After the config for WP2 on the DMZ was created I ran

a2ensite name_of_site.domain.conf

Also firewall has been updated to same config as WP1 (for WP2 to work)

why would WP2 run slower?

On a client on which WP2 loads "super-slow" what happens if you put WP2's IP address in the URL instead of its hostname? Let's prove that the slowness is not a problem in resolving the name.

Also, if you ping WP2 from that client using first the hostname and second the IP address is the response the same speed-wise?

Hi,

I think I would start with some basics here assuming that the IP's are different, you could try;

1. Ping the IP Addresses from your work station, check that they are around the same.
2. Ping the URL for each and look for obvious differences to the IP Address pings.
3. Run a traceroute from each and look for differences.
4. Check and make sure that the reverse lookup is the same.

You could also look at things like the network config, between the switches if they are physically different.

It would also be worth looking at the /etc/network/interfaces file on the proxy.

There are just so many possibilities here, it will have to be a process of elimination.

Regards

Gull04

I attached an image of what i am trying to do in my original post.

Anyway, using the IP from the DMZ server to the WP1 & WP2 have no difference in speed. WP1 loads fine, WP2 loads very slow

---------- Post updated at 01:31 PM ---------- Previous update was at 01:21 PM ----------

ping & traceroute blocked between networks here, sorry.

Network A these servers are all VMs and on the same subnet.

Hi,

The VM hosting WP2 would be the prime suspect then, although without being able to have a look at timings and routes that will be difficult to prove.

I think that you might have to start at a slightly higher level here;

1. Are the two VM's hosted on the same Physical and through the same Hypervisor.
2. Are we talking VMWare, RHEV, XEN or something else.
3. Do you have the ability to create a test page like a <phpinfo> on WP2?

You may have to have your network team do a traffic analysis to identify why things have gone awry if you don't have the appropriate tools available.

Regards

Gull04

I have a feeling it may be the firewall that is the issue.

every end user on Network A can access the WP2 absolutely fine, no issues in speed... so this is not the Server for the WP2 website.

in fact it is mainly used on Network A and is only now being presented to Network B.

I will ask for the firewall to be checked again...

it helps to get others to point you in directions and tests to help get a better idea, especially when you been on it a while.

cheers guys... I will report back when I have more info

It took time,

but the issue was with the firewall never had the correct info
and also on Network B the DNS was not correct.

Cheers for the help.