Re: SSL on director versus real server

To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: SSL on director versus real server
From: "Jacob Coby" <jcoby@xxxxxxxxxxxxxxx>
Date: Mon, 27 Jan 2003 11:16:12 -0500
> Is it possible for SSL to be supported on the LVS
> directory rather than on the real server(s) ???

I would think so, yes.

> So, would this work... Apache+SSL running on port N on
> the LVS director, with a seperate PUBLIC or PRIVATE IP
> ADDRESS (which one???) such that SSL is handeled
> locally, then finally you get passed along to a real
> server.  I reading the J.M. HOWTO I saw something on
> local routing on the LVS directory itself, but how to
> do this whole SSL setup ... anyone have some good doc
> on it???

It would be on a public IP, and it could be the same IP as your webserver.
Remeber that lvs is port-based, so 443 (https) could be handled locally on
the directory since it effectivly owns the public ip, and port 80 (http)
could "fall through" the director onto the realservers.


<Prev in Thread] Current Thread [Next in Thread>