RE: SSL and persistence

To:	"'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	RE: SSL and persistence
From:	"Bishop, Cass" <cbishop@xxxxxxxxxxxxxxxxx>
Date:	Tue, 7 Jan 2003 15:04:25 -0600

Is this documented anywhere?  I don't understand your message.

-----Original Message-----
From: Andres Tello Abrego [mailto:criptos@xxxxxxxxxx]
Sent: Tuesday, January 07, 2003 1:39 PM
To: 'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'
Subject: RE: SSL and persistence



U can use, then, a fw mark...
using the prerouting table, u mark all packets to port 80 and 443, then,
lvs use persistence over "marked packets" :)

obtaingin the effect u want... :)



On Tue, 7 Jan 2003, Bishop, Cass wrote:

> I am using LVS-NAT and my setup is identical to yours except that I need
> persistence on port 80 as well.  Once someone has connected on port 80 I
> need them to use the same real server for their port 443 connections as
> well.  How do I ensure that?
>
> -----Original Message-----
> From: Andres Tello Abrego [mailto:criptos@xxxxxxxxxx]
> Sent: Tuesday, January 07, 2003 1:26 PM
> To: 'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'
> Subject: Re: SSL and persistence
>
>
>
> First, u must use, LVS-NAT, sice ssl certificates are bound to a domain,
> and, on my tests, sometime the navigator, says that the ceritifactes does
> not apply to the ip... or something like that...
>
> So, I used lvsnat, and persistence only for 443.. sice i`m not interested
> in having persistance at 80
>
> ipvsadm -C
> #dando de alta web
> ipvsadm -A -t 10.4.1.9:80
> ipvsadm -a -t 10.4.1.9:80 -r 80.80.0.10:80 -w 1 -m
> ipvsadm -a -t 10.4.1.9:80 -r 80.80.0.11:80 -w 2 -m
>
> #dando de alta https
> ipvsadm -A -t 10.4.1.9:443 -p 600
> ipvsadm -a -t 10.4.1.9:443 -r 80.80.0.10:443 -w 1 -m
> ipvsadm -a -t 10.4.1.9:443 -r 80.80.0.11:443 -w 2 -m
>
>
> I`m using wigthed less connections, and I only have 2 members and 1
> director...
>
>
> On Tue, 7 Jan 2003, Bishop, Cass wrote:
>
> > I have a question that I found referenced in the archive.  I want to set
> up
> > one directory and two real servers.  The director will handle http and
> https
> > traffic.  Once a client connects to one of the real servers I want them
to
> > stay there when they change from http to https.  How do I tie the
> > persistence settings of http and https together?
> >
> > Here is what I found, it was dated 2002-04-30:
> >
> > <Old Message>
> >
> > "Richard L. Allbery" wrote:
> > >
> > >  The problem is how do I setup persistence for
> > > just port 80 and 443?  In other words, I want to tie the persistence
> > > together for these two ports.
> >
> > http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO-7.html
> >
> > Joe
> >
> > --
> > Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
> > contractor to the National Environmental Supercomputer Center,
> > mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
> >
> > _______________________________________________
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://www.in-addr.de/mailman/listinfo/lvs-users
> >
> > </Old Message>
> >
> > The link to the how-to comes up as a 404.  Can anyone direct me to the
new
> > link?
> >
> > Cass Bishop
> > Web/Voice Systems Engineer
> > ATX Technologies
> > 972-753-6289
> >
> > CONFIDENTIALITY NOTICE:  The information in this e-mail is privileged
and
> > confidential.  Any use, copying or dissemination of any portion of this
> > e-mail by or to anyone other than the intended recipient(s) is
> unauthorized.
> > If you have received this e-mail in error, please reply to sender and
> delete
> > it from your system immediately.
> >
> > _______________________________________________
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://www.in-addr.de/mailman/listinfo/lvs-users
> >
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
> CONFIDENTIALITY NOTICE:  The information in this e-mail is privileged and
> confidential.  Any use, copying or dissemination of any portion of this
> e-mail by or to anyone other than the intended recipient(s) is
unauthorized.
> If you have received this e-mail in error, please reply to sender and
delete
> it from your system immediately.
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>


_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

CONFIDENTIALITY NOTICE:  The information in this e-mail is privileged and
confidential.  Any use, copying or dissemination of any portion of this
e-mail by or to anyone other than the intended recipient(s) is unauthorized.
If you have received this e-mail in error, please reply to sender and delete
it from your system immediately.

<Prev in Thread]	Current Thread	[Next in Thread>
SSL and persistence, Bishop, Cass Re: SSL and persistence, Andres Tello Abrego Re: SSL and persistence, Malcolm Turnbull Re: SSL and persistence, Joseph Mack RE: SSL and persistence, Bishop, Cass RE: SSL and persistence, Andres Tello Abrego RE: SSL and persistence, Bishop, Cass <= RE: SSL and persistence, Peter Mueller

Previous by Date:	RE: SSL and persistence, Andres Tello Abrego
Next by Date:	RE: SSL and persistence, Peter Mueller
Previous by Thread:	RE: SSL and persistence, Andres Tello Abrego
Next by Thread:	RE: SSL and persistence, Peter Mueller
Indexes:	[Date] [Thread] [Top] [All Lists]