summaryrefslogtreecommitdiffstats
path: root/docs/manual/mod/mod_proxy.xml (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add Multipath TCP (MPTCP) support (Proxy)Joe Orton2024-09-121-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Multipath TCP (MPTCP), standardized in RFC8684 [1], is a TCP extension that enables a TCP connection to use different paths. Multipath TCP has been used for several use cases. On smartphones, MPTCP enables seamless handovers between cellular and Wi-Fi networks while preserving established connections. This use-case is what pushed Apple to use MPTCP since 2013 in multiple applications [2]. On dual-stack hosts, Multipath TCP enables the TCP connection to automatically use the best performing path, either IPv4 or IPv6. If one path fails, MPTCP automatically uses the other path. To benefit from MPTCP, both the client and the server have to support it. Multipath TCP is a backward-compatible TCP extension that is enabled by default on recent Linux distributions (Debian, Ubuntu, Redhat, ...). Multipath TCP is included in the Linux kernel since version 5.6 [3]. To use it on Linux, an application must explicitly enable it when creating the socket. No need to change anything else in the application. Adding the possibility to create MPTCP sockets would thus be a really fine addition to httpd, by allowing clients to make use of their different interfaces. This patch introduces the possibilty to connect to backend servers using MPTCP. Note however that these changes are only available on Linux, as IPPROTO_MPTCP is Linux specific for the time being. For proxies, we can connect using MPTCP by passing the \"multipathtcp\" parameter: ProxyPass \"/example\" \"http://backend.example.com\" multipathtcp=On We then store this information in the worker and create sockets appropriately according to this value. Link: https://www.rfc-editor.org/rfc/rfc8684.html [1] Link: https://www.tessares.net/apples-mptcp-story-so-far/ [2] Link: https://www.mptcp.dev [3] Add Multipath TCP (MPTCP) support (Core) Multipath TCP (MPTCP), standardized in RFC8684 [1], is a TCP extension that enables a TCP connection to use different paths. Multipath TCP has been used for several use cases. On smartphones, MPTCP enables seamless handovers between cellular and Wi-Fi networks while preserving established connections. This use-case is what pushed Apple to use MPTCP since 2013 in multiple applications [2]. On dual-stack hosts, Multipath TCP enables the TCP connection to automatically use the best performing path, either IPv4 or IPv6. If one path fails, MPTCP automatically uses the other path. To benefit from MPTCP, both the client and the server have to support it. Multipath TCP is a backward-compatible TCP extension that is enabled by default on recent Linux distributions (Debian, Ubuntu, Redhat, ...). Multipath TCP is included in the Linux kernel since version 5.6 [3]. To use it on Linux, an application must explicitly enable it when creating the socket. No need to change anything else in the application. Adding the possibility to create MPTCP sockets would thus be a really fine addition to httpd, by allowing clients to make use of their different interfaces. This patch introduces the possibility to listen with MPTCP sockets. Note however that these changes are only available on Linux, as IPPROTO_MPTCP is Linux specific for the time being. To do so, we extended the Listen directive to include a \"multipathtcp\" option, allowing to create MPTCP sockets instead of regular TCP ones: Listen 80 options=multipathtcp We then store this information in flags for the listen directive and create sockets appropriately according to this value. Link: https://www.rfc-editor.org/rfc/rfc8684.html [1] Link: https://www.tessares.net/apples-mptcp-story-so-far/ [2] Link: https://www.mptcp.dev [3] Submitted by: Aperence <anthony.doeraene hotmail.com> Github: closes #476 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920586 13f79535-47bb-0310-9956-ffa450edef68
* r1881790 has also added the 3rd argument to "ProxyRemoteMatch"Christophe Jaillet2024-04-011-1/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916708 13f79535-47bb-0310-9956-ffa450edef68
* Remove redundant slash from example - mod_proxy docRich Bowen2024-01-291-1/+1
| | | | | | | | | Submitted by: nisbet-hubbard <87453615+nisbet-hubbard@users.noreply.github.com> Github: closes #378 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1915459 13f79535-47bb-0310-9956-ffa450edef68
* * Document r1912459. [skip ci]Ruediger Pluem2023-10-301-0/+5
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1913432 13f79535-47bb-0310-9956-ffa450edef68
* there is a separate `connectiontimeout`Eric Covener2023-06-061-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1910253 13f79535-47bb-0310-9956-ffa450edef68
* docs: no default value for mod_proxy upgrade= parameter. [skip ci]Yann Ylavic2023-01-271-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907045 13f79535-47bb-0310-9956-ffa450edef68
* docs: Add deprecation note for wstunnel, move Upgrade example up for proxy_http.Yann Ylavic2023-01-271-20/+22
| | | | | | | [skip ci] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907035 13f79535-47bb-0310-9956-ffa450edef68
* docs: Better mod_proxy_wstunnel vs mod_proxy_http upgrade= documentation.Yann Ylavic2023-01-271-3/+29
| | | | | | | [skip ci] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907031 13f79535-47bb-0310-9956-ffa450edef68
* typoLucien Gentis2022-10-241-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1904804 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch whenYann Ylavic2022-10-111-14/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | some dollar substitution (backreference) happens in the hostname or port part of the URL. Address or connection reuse can't work when the autority part of the URL is dynamic (single origin server[:port] handled/assumed in the reslist). Detect such cases and unset worker->s->is_address_reusable to disable reuse regardless of enablereuse/disablereuse. * modules/proxy/proxy_util.c(ap_proxy_define_worker_ex): Lookup for $n substitution in the hostname[:port] when parsing the URL and if present, set worker->->is_address_reusable=0 / worker->s->disablereuse=1. * modules/proxy/proxy_util.c(ap_proxy_initialize_worker): Don't overwrite worker->s->is_address_reusable from enablereuse/disablereuse parameters, and set both consistently. * docs/manual/mod/mod_proxy.xml: Add ProxyPassMatch compatibility note about key=value parameters handled with $n substitutions since 2.4.47. Document the specificities of enablereuse/disablereuse w.r.t. $n subsitutions in the different part of the URL. Axe the note about unparsable URLs when the $n substitution happens in the port, this has been addressed in 2.4.47 too (and works now). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1904513 13f79535-47bb-0310-9956-ffa450edef68
* use a liberal default limit for LimitRequestBody of 1GBEric Covener2022-06-011-3/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901497 13f79535-47bb-0310-9956-ffa450edef68
* 'interpolate' is a keyword, not a user-defined string.Christophe Jaillet2022-03-261-9/+9
| | | | | | | | | | So it should not be in <var></var> in <syntax> and <code> should be used instead of <var> in explanations. While at it, fix some other style issues and missing links spotted here and there. [skip ci] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1899205 13f79535-47bb-0310-9956-ffa450edef68
* Improve ProxyPass mapping= docs. [skip ci]Yann Ylavic2021-12-161-14/+19
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1896062 13f79535-47bb-0310-9956-ffa450edef68
* docs/mod_proxy.xml: syntax. [skip ci]Yann Ylavic2021-12-161-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1896048 13f79535-47bb-0310-9956-ffa450edef68
* Add a note about aliging mapping= with the backend's. [skip ci]Yann Ylavic2021-12-131-13/+23
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1895907 13f79535-47bb-0310-9956-ffa450edef68
* Improve docs for ProxyPass mapping= parameter. [skip ci]Yann Ylavic2021-12-131-3/+14
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1895895 13f79535-47bb-0310-9956-ffa450edef68
* Add mapping = servlet / encodedJean-Frederic Clere2021-06-041-0/+6
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1890477 13f79535-47bb-0310-9956-ffa450edef68
* Add some mod_proxy_uwsgi related tweaksChristophe Jaillet2020-11-011-0/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1883045 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: Add support for an optional third argument to ProxyRemote*Joe Orton2020-09-171-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | to configure the Basic auth credentials to send to the remote proxy. (Note that credentials are always sent w/o waiting for a challenge as with proxy-chain-auth, and only Basic is supported - both of which are not exactly ideal - but better than nothing.) * modules/proxy/mod_proxy.h (struct proxy_remote): Add creds field. * modules/proxy/mod_proxy.c (proxy_handler): Pass forward proxy credentials via r->notes. (add_proxy): Take credentials and base64-encode into ->creds field if passed. (add_proxy_noregex, add_proxy_regex): Take optional creds argument. * modules/proxy/proxy_util.c (ap_proxy_determine_connection): Use proxy credentials from r->notes if available. (ap_proxy_create_hdrbrgd): Set Proxy-Authorization header from credentials in r->notes if present. PR: 37355 Github: closes #135 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1881790 13f79535-47bb-0310-9956-ffa450edef68
* PR63628: individual status codes for ProxyErrorOverride.Eric Covener2020-04-111-1/+22
| | | | | | | | | | | Support specifying the http status codes to be considered by ProxyErrorOverride Submitted By: Martin Drößler <mail martindroessler.de> Committed By: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1876404 13f79535-47bb-0310-9956-ffa450edef68
* Fix some typoChristophe Jaillet2019-12-011-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1870672 13f79535-47bb-0310-9956-ffa450edef68
* Fix the version in a compatibility noteChristophe Jaillet2019-11-251-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1870425 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: follow up to r1836588: configurable Proxy100Continue.Yann Ylavic2019-03-221-0/+23
| | | | | | | Add Proxy100Continue directive to allow for 100-continue forwarding opt-out. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1856036 13f79535-47bb-0310-9956-ffa450edef68
* Fix a typoChristophe Jaillet2019-01-111-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1851100 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy.xml: explicitly state that proxypass cannot be used with IfLuca Toscano2018-10-221-2/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1844556 13f79535-47bb-0310-9956-ffa450edef68
* expand on ProxyPassReverse argsEric Covener2018-07-261-3/+19
| | | | | | | | | | split up the two arguments into their own paragraphs try to reinforce that the 2nd arg has to match the response hedaer, and what the first one is used for. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1836683 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy.xml: add vhost/server contextes for ProxySetLuca Toscano2018-06-271-1/+2
| | | | | | | | | | | While reading PR 62422 I noticed that ProxySet's available contextes list only 'directory', that looks odd: AP_INIT_RAW_ARGS("ProxySet", set_proxy_param, NULL, RSRC_CONF|ACCESS_CONF git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1834522 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy.xml: follow up r1834203Luca Toscano2018-06-241-7/+14
| | | | | | | | | | | Add more precise info and warn notes about variable interpolation. PR: 62477 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1834242 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy.xml: clarify the usage of variable interpolationLuca Toscano2018-06-231-4/+10
| | | | | | | PR: 62477 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1834203 13f79535-47bb-0310-9956-ffa450edef68
* Compat 2.4.24 for SSLOCSPEnable leaf (r1834089) and ResponseFieldSize ↵Yann Ylavic2018-06-221-1/+2
| | | | | | | | | (r1834093). This was already adjusted on merge to 2.4.x, no need to backport. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1834106 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy: add a link to the status flag tableChristophe Jaillet2018-05-261-2/+2
| | | | | | mod_proxy_hcheck: add some hyperlinks, improve syntax highlight, add some missing trailing dot, be more consistent with other modules in the way 'Syntax' lines are displayed git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832294 13f79535-47bb-0310-9956-ffa450edef68
* PR62199: add worker parameter ResponseFieldSize to mod_proxyEric Covener2018-04-111-0/+7
| | | | | | | | | | Submitted By: Hank Ibell Committed By: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828926 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy_balancer: Add hot spare member type and corresponding flag (R). ↵Jim Riggs2018-04-111-2/+22
| | | | | | | | | | Hot spare members are used as drop-in replacements for unusable workers in the same load balancer set. This differs from hot standbys which are only used when all workers in a set are unusable. PR 61140. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828890 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy.xml: docs improvementsLuca Toscano2018-03-301-6/+22
| | | | | | | | | | | | Tried to clarify the doubts raised in PR 61225 (related also to 60458) and also split a single note into multiple ones to improve the reader's attention span (reading through a long block of text may cause loss of attention to important details, as it happened to me :) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828069 13f79535-47bb-0310-9956-ffa450edef68
* Add a warning for host starting with a letter.Jean-Frederic Clere2017-10-021-0/+9
| | | | | | | Fix for PR 61540. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1810316 13f79535-47bb-0310-9956-ffa450edef68
* clearer docsJim Jagielski2017-08-171-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1805323 13f79535-47bb-0310-9956-ffa450edef68
* loadfactor now decimalJim Jagielski2017-08-161-3/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1805188 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy.xml: mention DNS caching when reusing backend connectionLuca Toscano2017-07-281-1/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1803254 13f79535-47bb-0310-9956-ffa450edef68
* Clarify some mod_proxy concepts in the docsLuca Toscano2017-07-271-12/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | I have recently got some basic mod-proxy concepts and these simple info would have helped me a lot: - connection pooling == reuse. My brain did not pick up this simple nomenclature at first read for some reason, probably because we have parameters called "*reuse*" and not "*pooling*". I find the term "reuse" clearer than "pooling", but this is debatable :) - the concept of "Worker" needs to be read before the ProxyPass section (that people probably read directly after checking a search engine) to fully understand its power. - the fact that a worker is related to a single process (and not shared as a Balancer) is a really important concept that I tried to highlight when talking about maxconns (question popped up a lot of times from users). Hope that my understanding is correct, feedback is welcome. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1803171 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy_fcgi: Add the support for mod_proxy'sLuca Toscano2017-07-161-1/+1
| | | | | | | | | | | | | | | | flushpackets and flushwait params This change was requested on the development mailing list in order to fill another gap between mod_fcgi and mod_proxy_fcgi, namely the -flush funtionality. The more evolved core trunk code would not need this feature becuse of the non-blocking writes, but it is be needed in 2.4.x. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1802040 13f79535-47bb-0310-9956-ffa450edef68
* some more nitsJim Jagielski2017-06-211-10/+14
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799463 13f79535-47bb-0310-9956-ffa450edef68
* start documenting those that use the time-interval formatJim Jagielski2017-06-211-6/+7
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799460 13f79535-47bb-0310-9956-ffa450edef68
* Add upgrade parameter to mod_proxy_wstunnel.Jean-Frederic Clere2017-04-201-0/+10
| | | | | | | | | | | | That allows to upgrade to jboss-remoting for example or to run an HTTP/1.1 backend that needs to upgrade to WebSocket. See also: https://issues.jboss.org/browse/JBCS-254 https://issues.jboss.org/browse/JBCS-291 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1792092 13f79535-47bb-0310-9956-ffa450edef68
* compat inline for no-proxyEric Covener2017-03-081-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1785907 13f79535-47bb-0310-9956-ffa450edef68
* add no-proxy envvar for mod_proxyEric Covener2017-02-011-1/+14
| | | | | | | | | replacement for ProxyPass /path ! when ProxyPass is in location context. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1781328 13f79535-47bb-0310-9956-ffa450edef68
* Unified duplicate warning in mod_proxy ProxyPass documentation.Luca Toscano2016-11-141-6/+3
| | | | | | | | | | | | Also changed terminology to be in sync with: https://httpd.apache.org/docs/current/mod/directive-dict.html#Context It was confusing in my opinion to read that ProxyPass wasn't supported for the <Directory> context (since "directory" semantic is already overloaded). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1769637 13f79535-47bb-0310-9956-ffa450edef68
* Follow up about DNS Resolution cache in mod-proxy after Luca Toscano2016-06-181-7/+8
| | | | | | | | | | | a users@ email thread ("mod_proxy and DNS resolving"). Review from devs would be really appreciated, I'd like to backport this info asap to 2.4.x. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1748948 13f79535-47bb-0310-9956-ffa450edef68
* Adding a note to mod_proxy documentation to clarify DNS resolution with ↵Luca Toscano2016-05-231-0/+11
| | | | | | origin servers. Follow up from a question on users@. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1745169 13f79535-47bb-0310-9956-ffa450edef68
* Remove useless <br \> in highlight blocks.Christophe Jaillet2016-05-011-3/+3
| | | | | | (r1741864 in 2.4.x + small tweak because quoting is different. This will be fixed later on) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1741874 13f79535-47bb-0310-9956-ffa450edef68
* ABC order and add hcheckJim Jagielski2016-02-111-1/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1729838 13f79535-47bb-0310-9956-ffa450edef68
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-12 11:13:47 +0100