[quote user="quanah"]In general, people aren't expected to run zmproxyinit. They're expected to use the install-based menus.
However, I am working on making it smarter every release. [/QUOTE]
Yeah, seen that in the bugzilla.
[quote user="quanah"]Um, I'm not sure what you mean here. Either you are taking connections in at the proxy server on port 80, and forwarding them to the mail server at 8080, or you aren't using proxy. You can't have the store server also accepting port 80.[/QUOTE]
I don't agree.
Look at the way we're using the proxy here (maybe you'll tell me it's not designed for this use) : the customer wants his ZCS servers (MTA, LDAP and mailstore(s)) on his LAN.
Users are used to access to the mailstore in http (mainly https actually).
Customer want a reverse-proxy in the DMZ and he wants the external users to connect to the reverse-proxy while the internal users should still connect to the LAN servers without changing any habit of course.
Here comes zimbra-proxy for the reverse-proxy (being a proxy on https only, for external use) but we need the mailstore to keep the same behaviour (the "Both" mode)...
I agree with your point only if proxy and mailstore are on the same server... But I honestly don't see the point of this.
[quote user="quanah"]I'll have to ask the dev if there's a technical limitation here.[/QUOTE]
Maybe it's related to self-signed certificates (it's a pain with apache as reverse-proxy too, you need to teach the certificates to apache)?
Have a nice week-end.
[SOLVED] zimbra-proxy limitations
[SOLVED] zimbra-proxy limitations
Here's my situation. We have an existing stand-alone zimbra system in a
data center that the company (worldwide) accesses. I want to increase
response time for one location, and free up a little disk space, so I installed
another server on-site that I'll move all of those employees' mailboxes to.
I finally installed zimbra-proxy during my upgrade from 5.0.8 to 5.0.9 last
night, and I'm now thinking I will also want zimbra-proxy installed onto the
on-site server as well. I need the users to experience Zimbra on the LAN,
rather than over a T1, which will help customer perception of the system.
So, in my case, I'm going to have zimbra-store AND zimbra-proxy on both
systems.
Thinking about this gets me confused as to what the zmproxyinit command
actually does, since the documentation seems to have me typing that on
the proxy servers and the mailstore servers as if they're seperate... I also
thought that "mailbox.node.service.hostname" and
"mailbox.node.service.hostname" were literal strings, until reading this
thread. The documentation uses in other parts
of the documentation, so...there's that.
Anyway, do I need to type this zmproxyinit command twice on each server?
Since the mailstore is going to be listening on 8080 and 8443, it seems
silly to install a seperate OS for proxy services...
This idea (having both servers proxy + mailstore) is based on the assumption
that having zimbra-proxy only be at data center (over the T1), it'd do
nothing for increasing performance, and actually double the bandwidth as
traffic would be going down and back for those who have their mailboxes
moved to the on-site server.
The worst case scenario is that the users have to remember which zimbra
server they're on, and that would be one of the most annoying questions
to address on a daily basis..."Am I on zimbra1 or zimbra2?" (we're planning
on giving each remote site their own mailstore servers...so this scenario
would become increasingly annoying.)
--Brian
data center that the company (worldwide) accesses. I want to increase
response time for one location, and free up a little disk space, so I installed
another server on-site that I'll move all of those employees' mailboxes to.
I finally installed zimbra-proxy during my upgrade from 5.0.8 to 5.0.9 last
night, and I'm now thinking I will also want zimbra-proxy installed onto the
on-site server as well. I need the users to experience Zimbra on the LAN,
rather than over a T1, which will help customer perception of the system.
So, in my case, I'm going to have zimbra-store AND zimbra-proxy on both
systems.
Thinking about this gets me confused as to what the zmproxyinit command
actually does, since the documentation seems to have me typing that on
the proxy servers and the mailstore servers as if they're seperate... I also
thought that "mailbox.node.service.hostname" and
"mailbox.node.service.hostname" were literal strings, until reading this
thread. The documentation uses in other parts
of the documentation, so...there's that.
Anyway, do I need to type this zmproxyinit command twice on each server?
Since the mailstore is going to be listening on 8080 and 8443, it seems
silly to install a seperate OS for proxy services...
This idea (having both servers proxy + mailstore) is based on the assumption
that having zimbra-proxy only be at data center (over the T1), it'd do
nothing for increasing performance, and actually double the bandwidth as
traffic would be going down and back for those who have their mailboxes
moved to the on-site server.
The worst case scenario is that the users have to remember which zimbra
server they're on, and that would be one of the most annoying questions
to address on a daily basis..."Am I on zimbra1 or zimbra2?" (we're planning
on giving each remote site their own mailstore servers...so this scenario
would become increasingly annoying.)
--Brian
[SOLVED] zimbra-proxy limitations
[quote user="bjared"]
So, in my case, I'm going to have zimbra-store AND zimbra-proxy on both
systems.
Anyway, do I need to type this zmproxyinit command twice on each server?
Since the mailstore is going to be listening on 8080 and 8443, it seems
silly to install a seperate OS for proxy services...
[/QUOTE]
No, if store and proxy are on the same box, then you only need to run it once for that box. I.e., it must be run once for all of store and proxy, but if they are both on a box together, it does the needed bits for both.
So, in my case, I'm going to have zimbra-store AND zimbra-proxy on both
systems.
Anyway, do I need to type this zmproxyinit command twice on each server?
Since the mailstore is going to be listening on 8080 and 8443, it seems
silly to install a seperate OS for proxy services...
[/QUOTE]
No, if store and proxy are on the same box, then you only need to run it once for that box. I.e., it must be run once for all of store and proxy, but if they are both on a box together, it does the needed bits for both.
--
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/