|
Hi,
We run LVS based systems accross a number of sites
and have been very succesful with its stability etc. I have now been asked to
implement a setup where all requests that hit a certain box on http also carry
any https traffic to the same machine.
In short
192.168.15.3 192.168.15.3
so i would like the same server to be retained for
that session whether it is using http or https. As it is at the moment where we
use https if a box is handling the http traffic when this switches to https it
has the potential to end up on another box which is no good. I have read about
FWMARK and think this is what is required but i don't really understand
how.
At the moment we look something like this in the
config.
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/modprobe
ip_vs
/sbin/modprobe
ip_vs_wlc
/sbin/modprobe ip_vs_rr
/sbin/ipvsadm -C
# Web Site http
Clusters
/sbin/ipvsadm -A -t 217.158.90.5:80 -s
rr
/sbin/ipvsadm -a -t 217.158.90.5:80 -r 192.168.20.2:80
-m
sbin/ipvsadm -a -t 217.158.90.5:80 -r 192.168.20.3:80 -m
# Web Site https
Clusters
/sbin/ipvsadm -A -t 217.158.90.5:443 -s
rr
/sbin/ipvsadm -a -t 217.158.90.5:443 -r 192.168.20.2:443
-m
sbin/ipvsadm -a -t 217.158.90.5:443 -r 192.168.20.3:443 -m
What would this config look like using FWMARK ? We
are using 2.4.18 kernels
thanks
Tom
| 