Re: SSL with LVS

[Chris Holloway <chrisholloway@xxxxxxxxxxxxxx>]

Brad Dameron wrote:
> On Mon, 2006-08-07 at 14:10 -0500, Chris Holloway wrote:
>   
> > Hi, I am trying to get loadbalancing working for SSL.  So far I have not 
> > been able to find much documentation in the way of getting it setup.  
> > I've tried setting it up in ldirectord.conf but have never been able to 
> > get it working successfully. The setup is real IP 207.7.248.20 and 
> > internal servers 10.0.1.1, 10.0.4.1, and 10.0.8.1. Can anyone  help 
> > steer me in the right direction.
> >     
> Here is an example ipvsadm.rules file for your setup:
>
> -A -t 207.7.248.20 -s wlc
> -a -t 207.7.248.20 -r 10.0.1.1 -m -w 1
> -a -t 207.7.248.20 -r 10.0.4.1 -m -w 1
> -a -t 207.7.248.20 -r 10.0.8.1 -m -w 1
I think that my ipvs is managed by ldirectord if I understand it right.  I am 
beginning to think I posted to the wrong group if you do not generally support 
the ldirectord config part.

I have been able to get it working for other things just not https.

Any tips are appreciated.  Sorry again if this is the wrong group..

When I do ipvsadm -a and i get:

Prot LocalAddress:Port Scheduler Flags
 -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  reverse.thumbtechs.com:ftp wlc persistent 600
 -> s4:ftp                       Masq    1      0          0
TCP  reverse.thumbtechs.com:smtp rr
 -> s3:smtp                      Masq    1      2          15
 -> s2:smtp                      Masq    0      0          0
 -> s1:smtp                      Masq    1      1          13
TCP  reverse.thumbtechs.com:domai wlc
 -> s3:domain                    Masq    1      0          0
 -> s2:domain                    Masq    1      0          0
 -> s1:domain                    Masq    1      0          0
TCP  reverse.thumbtechs.com:domai wlc
 -> s3:domain                    Masq    1      0          0
 -> s2:domain                    Masq    1      0          0
 -> s1:domain                    Masq    1      0          0
UDP  reverse.thumbtechs.com:domai wlc
 -> s3:domain                    Masq    1      0          49
 -> s2:domain                    Masq    1      0          49
 -> s1:domain                    Masq    1      0          47
UDP  reverse.thumbtechs.com:domai wlc
 -> s3:domain                    Masq    1      0          21
 -> s2:domain                    Masq    1      0          21
 -> s1:domain                    Masq    1      0          20
TCP  reverse.thumbtechs.com:domai wlc
 -> s3:domain                    Masq    1      0          0
 -> s2:domain                    Masq    1      0          0
 -> s1:domain                    Masq    1      0          0
UDP  reverse.thumbtechs.com:domai wlc
 -> s3:domain                    Masq    1      0          22
 -> s2:domain                    Masq    1      0          23
 -> s1:domain                    Masq    1      0          21
TCP  reverse.thumbtechs.com:http rr
 -> s2:http                      Masq    1      2          243
 -> s1:http                      Route   0      0          0
TCP  gw1:http rr
 -> s1:http                      Route   1      0          0
TCP  reverse.thumbtechs.com:pop3 wlc
 -> s3:pop3                      Masq    1      1          73
 -> s2:pop3                      Masq    0      0          0
 -> s1:pop3                      Masq    1      2          32
TCP  reverse.thumbtechs.com:imap wlc
 -> s3:imap                      Masq    1      4          0
 -> s2:imap                      Masq    0      0          0
 -> s1:imap                      Masq    1      3          0

Thanks,

Chris