|
Hello,
On Wed, 17 Jan 2001, Paul Lussier wrote:
> Hi all,
>
> I have the following configuration:
>
> lvs1:/# ipvsadm
> IP Virtual Server version 1.0.2 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP ssifarm.lowell.mclinux.com:https rr
> -> ssifarm1.lowell.mclinux.com:https Route 1 0 0
> TCP ssifarm.lowell.mclinux.com:telnet rr
> -> ssifarm1.lowell.mclinux.com:telnet Route 1 0 0
>
> I can telnet to ssifarm, but not to ssifarm:443, in other words, lvs is
> working for telnet, but it appears that it's not working for https.
It is not obvious from the provided ipvsadm output. Can you
tcpdump one session? Many things can go wrong in test environments?
If you are just asking if there is a known problem with SSL, the short
answer is NO, there is no.
> Any ideas what could be wrong or what to look at?
Stop all real servers and leave only one where you will start
tcpdump -len host client
this will show the ICMP and the TCP packets to/from the client.
You can do the same in the director and in the client.
How do you detect that it is not working, only by looking in
the browser window? The ipvsadm table is empty which can mean that
you hit directly the real server (ARP problem) but you don't mention
when this output is generated, before or after the failed SSL test.
>
> Thanks,
Regards
--
Julian Anastasov <ja@xxxxxx>
|
