LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

SSL Persistent Connections

To: "lvs-users@LinuxVirtualServer. org" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: SSL Persistent Connections
From: "Ryan Clark" <ryan.clark@xxxxxxxxxxxxxxxxx>
Date: Tue, 27 Aug 2002 09:37:13 -0700
Okay, here's what I've got setup for myself with configure-lvs-0.9.2.  I can
get ftp, http, telnet, ssh and https (non-persistent to work).  I cannot get
any persistent type of connections to work.  Please let me know if there's
anything wrong with my setup.

#lvs_nat.conf
#(C) 2000-2001 Joseph Mack jmack@xxxxxxx
#Two networks, two NIC director.
#
#
#               ________
#              |        |
#              | client |
#              |________|
#           CIP=eth0 10.3.6.1
#                  |
#                  |
#        VIP=eth1 10.4.1.141/24
#                       Lvs2
#              __________
#             |          |
#             | director |
#             |__________|
#        DIP=eth0   192.168.0.1/24
#                  |
#                  |
#                  |
#         -------------------
#         |                 |
#         |                 |
#     RIP1=eth0         RIP2=eth0
#       bashfull                sneezy
#    192.168.0.10      192.168.0.20
#   ______________    ______________
#  |              |  |              |
#  | realserver1  |  | realserver2  |
#  |______________|  |______________|
#
#----------lvs_nat.conf------------------------------------
LVSCONF_FORMAT=1.1
LVS_TYPE=VS_NAT
INITIAL_STATE=on
CLEAR_IPVS_TABLES=yes
#
#VIP line format - device[:alias] IP netmask broadcast
#To help avoid namespace collisions with other VIPs, I set alias=last number
of VIP (here 110).
VIP=eth1 10.4.1.141 255.255.255.0 10.4.1.255
#
#DIP line format - device[:alias] IP network netmask broadcast
DIP=eth0 192.168.0.1 192.168.0.0 255.255.255.0 192.168.0.255
#
#DIRECTOR_GW - packets with src_addr=VIP, dst_addr=0/0 are sent to
DIRECTOR_GW
#to be forwarded to the outside world.
#The script will not neccesarily set up the DIRECTOR_GW as the director's
default gw.
DIRECTOR_GW=10.4.1.252
#
#SERVICE line format - proto port scheduler IP|name:port[,weight]
[IP|name:port[,weight]]
SERVICE=t http wlc 192.168.0.10:http,100 192.168.0.20:http,100
SERVICE=t https wlc ppc bashfull:https,1 sneezy:https,1
#
SERVER_NET_DEVICE=eth0:1
#----------end lvs_nat.conf---------------------------------

Then I run it

./configure lvs_nat.conf -i

Once it's done this is what ipvsadm shows:

IP Virtual Server version 1.0.3 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

I've tried it with Round Robin and Weighted Round Robin with the same
results.  I've not touched the configure script itself.



--
Ryan Clark
System Administrator
The Internet Marketing Center
ryan.clark@xxxxxxxxxxxxxxxxx
604-730-2833



<Prev in Thread] Current Thread [Next in Thread>