LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

LVS-DR and HTTPS and FTP question

To: LVS Users List <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: LVS-DR and HTTPS and FTP question
From: Alan Murrell <silkbc@xxxxxxxxx>
Date: Wed, 9 Apr 2003 22:08:54 -0400 (EDT)
Hello,

I have things working well on my test cluster using
LVS-DR and HTTP (haven't got 'ldirectord' setup yet,
though).  I did read the HTTPS section in the HOWTo,
but it left me with a couple of questions.
  
>From the HOWTO:
> (the DNS name of the LVS cluster which is
> associated with the VIP).

Okay, so let's say I put the SSL host on the IP
address '10.10.10.35' (we'll pretend it's a routable
IP, as opposed to a private IP).  So I setup the LVS
to listen on that IP.  Okay, not a problem.

> The https on the realserver then must be setup as
> if it had the name of the LVS cluster. To do this,
> activate the VIP on a device on the realserver

Okay, so now I go over to each of the Real Servers,
and add, say, a loopback adapter with the
'10.10.10.35' IP address, correct?

The above seems fairly straitghtforward; my question
comes in as to how the 'ipvadm' command looks.  For
example, to setup the forwarding for the regular HTTP
service, I have:

(Assume VIP=10.10.10.20 and RIP=10.10.10.25)

/sbin/ipvsadm -A -t 10.10.10.20:80 -r 10.10.10.25 -g
-w 1

But for HTTPS, if the SSL_VIP=10.10.10.35 and the
RIP=10.10.10.25, would I put the following:

/sbin/ipvsadm -A -t 10.10.10.35:443 -r 10.10.10.25 -g
-w 1

(I did try the above, btw, but I get a "service not
defined" error, even though it is in my
'/etc/services' file).

Now, for FTP, I understand that for "active" FTP I
only need to forward port 21, but I assume if I wanted
to allow passice FTP, I would need to forward both 21
and 20, correct?

Any ideas?

TIA,

Alan





______________________________________________________________________ 
Post your free ad now! http://personals.yahoo.ca
<Prev in Thread] Current Thread [Next in Thread>