|
On Thursday 10 April 2003 10:08, Alan Murrell wrote:
> Hello,
>
> I have things working well on my test cluster using
> LVS-DR and HTTP (haven't got 'ldirectord' setup yet,
> though). I did read the HTTPS section in the HOWTo,
> but it left me with a couple of questions.
>
> From the HOWTO:
> > (the DNS name of the LVS cluster which is
> > associated with the VIP).
>
> Okay, so let's say I put the SSL host on the IP
> address '10.10.10.35' (we'll pretend it's a routable
> IP, as opposed to a private IP). So I setup the LVS
> to listen on that IP. Okay, not a problem.
>
> > The https on the realserver then must be setup as
> > if it had the name of the LVS cluster. To do this,
> > activate the VIP on a device on the realserver
>
> Okay, so now I go over to each of the Real Servers,
> and add, say, a loopback adapter with the
> '10.10.10.35' IP address, correct?
>
> The above seems fairly straitghtforward; my question
> comes in as to how the 'ipvadm' command looks. For
> example, to setup the forwarding for the regular HTTP
> service, I have:
>
> (Assume VIP=10.10.10.20 and RIP=10.10.10.25)
>
> /sbin/ipvsadm -A -t 10.10.10.20:80 -r 10.10.10.25 -g
> -w 1
>
> But for HTTPS, if the SSL_VIP=10.10.10.35 and the
> RIP=10.10.10.25, would I put the following:
>
> /sbin/ipvsadm -A -t 10.10.10.35:443 -r 10.10.10.25 -g
> -w 1
>
> (I did try the above, btw, but I get a "service not
> defined" error, even though it is in my
> '/etc/services' file).
>
> Now, for FTP, I understand that for "active" FTP I
> only need to forward port 21, but I assume if I wanted
> to allow passice FTP, I would need to forward both 21
> and 20, correct?
>
> Any ideas?
>
> TIA,
>
> Alan
As the error message says, you have not defined a service. For example:
/sbin/ipvsadm -A -t 10.10.10.20:443 -s wrr
After that then you can add:
/sbin/ipvsadm -a -t 10.10.10.20:443 -r 10.10.10.25 -g -w 1
|
