|
On Tue, Aug 09, 2005 at 10:29:10AM +0900, Horms wrote:
> On Mon, Aug 08, 2005 at 12:36:58PM -0700, Joseph Mack NA3T wrote:
> > On Mon, 8 Aug 2005, Brad Taylor wrote:
> >
> > >Yes, a couple times and I understand parts of it but still getting a
> > >little confused. Doesn't seem to really answer the question below, but
> > >maybe I'm missing something?
> >
> > just wanted to make sure. The situation isn't clear AFAIK
> > either. It's not like it comes up a lot and we've got it
> > down pat. Horms probably has the clearest point on the
> > matter which is not to have a separate SSL engine but to
> > have each realserver do its own decrypting/encrypting.
> >
> > (I haven't done any of this myself.)
>
> Here is a descrition I wrote a while ago about SSL/LVS
> In a nutshell, you probably want to use persistance
> and have the real-servers handle the SSL decryption.
Actulally, using the lblc scheduler, or something similar,
might be another good solution to this problem.
>
> http://archive.linuxvirtualserver.org/html/lvs-users/2003-07/msg00184.html
>
> --
> Horms
--
Horms
|
