LVS as is does not have the problem. Since
LVS is based on <sip,sport; vip,vport; rip, rport>
which is not change between HTTP and HTTPS
requests, so it works fine. However, any other
ones, like Cisco or Arrowpoint, unless they add
SSL terminator (which is not cheap and is not
very effecient), will not be able to take the
advantage of cookie persistent.
F5 sales a version with SSL termination with
ADDITIONAL $6000 charge and only can
handle up to 120 transaction/s, based on their
SSL terminator supplier (Rainbow Technology).
At the mean time, LVS can handle 100,000
transactions/s, by sharing the load on many
HTTPS servers.
Having SSL termination and cookie persistent is
actually against the load balancing idea. Instead
of adding servers to share the load, SSL termination
actually created a bottleneck. That just proved
that with enough money to do marketing, a stupid
idea could become advantage; Like Hitler once
said, "repeat the lie one thousand times, people will
believe that is the truth."
At 06:40 AM 10/5/00 -0400, Joseph Mack wrote:
>Wayne wrote:
>> If you have cookie
>> persistent that always send your request to server
>> 3 during the cookies life time. Once you click
>> on the check out, you were started using the
>> secure server. However, in the HTTPS, all the
>> cookies information are also encrypted, so the
>> load balancer may not send you to server 3 any
>> more.
>
>
>if you have LVS's port persistance and the HTTPS connection
>also goes to server 3, will the problem be fixed?
>
>Joe
>
>--
>Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
>contractor to the National Environmental Supercomputer Center,
>mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|