LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] Ldirectord not respecting received text for https

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] Ldirectord not respecting received text for https
From: Brent Jensen <brent@xxxxxxxxxxx>
Date: Fri, 14 Jan 2011 20:00:15 -0700
This makes sense. However, I'm still having problems getting it to work. I 
can connect using the virtual host via lynx to the domain without any 
errors (i.e. https://dev.mydomain.com/index.html). However, ldirectord 
fails with https (I'm using the latest version). Here's my config; http 
works just fine:

virtual=63.112.6.29:80
         fallback=127.0.0.1:80
         real=192.168.1.10:80 masq 1 "http://192.168.1.10/"; "Connected 
successfully"
         service=http
         scheduler=wrr
         #persistent=600
         protocol=tcp
         checktype=negotiate


virtual=63.112.6.29:443
         fallback=127.0.0.1:443
         real=192.168.1.10:443 masq 1
         service=https
         scheduler=wrr
         #persistent=600
         protocol=tcp
         checktype=negotiate
         checkport=443
         request="index.html"
         receive="Connected successfully"
         virtualhost="dev.mydomain.com"

Here's the debug output. Notice the "Internal Server Error". I have no clue 
why it fails. Any suggestions on where to look?

****
DEBUG2: Checking negotiate: real 
server=negotiate:http:tcp:192.168.1.10:80:::1:masq:\/http\:\/\/192\.168\.1\.10\/:Connected\
 
successfully (virtual=tcp:63.112.6.29:80)
DEBUG2: check_http: url="http://192.168.1.10/"; virtualhost="192.168.1.10"
LWP::UserAgent::new: ()
DEBUG2: Starting Check
DEBUG2: Starting HTTP/HTTPS
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: GET http://192.168.1.10/
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::collect: read 78 bytes
LWP::UserAgent::request: Simple response: OK
DEBUG2: Finished HTTP/HTTPS
DEBUG2: Enabled  real 
server=negotiate:http:tcp:192.168.1.10:80:::1:masq:\/http\:\/\/192\.168\.1\.10\/:Connected\
 
successfully (virtual=tcp:63.112.6.29:80)
DEBUG2: check_http: http://192.168.1.10/ is up
DEBUG2: Checking negotiate: real 
server=negotiate:https:tcp:192.168.1.10:443:dev.mydomain.com:443:1:masq:\/index\.html:Connected\
 
successfully (virtual=tcp:63.112.6.29:443)
DEBUG2: check_http: url="https://192.168.1.10:443/index.html"; 
virtualhost="dev.mydomain.com"
LWP::UserAgent::new: ()
DEBUG2: Starting Check
DEBUG2: Starting HTTP/HTTPS
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: GET https://192.168.1.10:443/index.html
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::UserAgent::request: Simple response: Internal Server Error
DEBUG2: Finished HTTP/HTTPS
Use of uninitialized value in concatenation (.) or string at 
/usr/sbin/ldirectord line 2832.
DEBUG2: SSL-Cipher:
Use of uninitialized value in concatenation (.) or string at 
/usr/sbin/ldirectord line 2834.
DEBUG2: SSL-Cert-Subject:
Use of uninitialized value in concatenation (.) or string at 
/usr/sbin/ldirectord line 2836.
DEBUG2: SSL-Cert-Issuer:
DEBUG2: Disabled real 
server=negotiate:https:tcp:192.168.1.10:443:dev.mydomain.com:443:1:masq:\/index\.html:Connected\
 
successfully (virtual=tcp:63.112.6.29:443)
DEBUG3: Headers Content-Type: text/plain
Client-Date: Fri, 14 Jan 2011 19:26:36 GMT
Client-Warning: Internal response
DEBUG2: check_http: https://192.168.1.10:443/index.html is down
****

Thanks,

Brent



At 10:22 AM 1/10/2011 +0000, you wrote:
>On 10 January 2011 04:42, Brent Jensen <brent@xxxxxxxxxxx> wrote:
> >
> > Thanks. I missed that somehow. I have negotiate on my http settings so
> > that's why it works there. BTW, this doesn't work now on all server when I
> > use negotiate w/ the https. Might this have something to do with the ssl
> > cert error when querying the server via the IP instead of the full https
> > common name? That's about the only thing I can think of why it's not
> > working. Thanks again. Brent
> >
>Brent,
>
>This sound s likely:
>
>virtualhost = "hostname"
>
>Used when using a negotiate check with HTTP or HTTPS . Sets the host
>header used in the HTTP request. In the case of HTTPS this generally
>needs to match the common name of the SSL certificate. If not set then
>the host header will be derived from the request url for the real
>server if present. As a last resort the IP address of the real server
>will be used.
>
>
>--
>Regards,
>
>Malcolm Turnbull.
>
>Loadbalancer.org Ltd.
>Phone: +44 (0)870 443 8779
>http://www.loadbalancer.org/
>
>_______________________________________________
>Please read the documentation before posting - it's available at:
>http://www.linuxvirtualserver.org/
>
>LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>or go to http://lists.graemef.net/mailman/listinfo/lvs-users


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>