On Tue, Oct 18, 2005 at 12:21:04PM +0800, Louis Lam wrote:
> Dear All:
>
> do the LVS https services must be set up with SSL PROXY squid?
No
> Can i set up the https services without SSL PROXY?
Yes
> Can anyone verify my configuration proccess? any missing step which lead the
> failure to setting up a https services ?
> My step of configure the https services as below:
>
> 1---add the VIP on Director
> ifconfig eth0:0 10.0.58.136 netmask 255.255.255.255 broadcast
> 10.0.58.136
This should be the netsmask and broadcast of your network, probably:
ifconfig eth0:0 10.0.58.136 netmask 255.255.255.0 broadcast 10.0.58.255
> 2---Handle the ARP problem on Director
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
>
> 3-----Add thehttps servive
> ipvsadm -A -t 10.0.58.136:443 -s rr
> ipvsadm -a -t 10.0.58.136:443 -r 10.0.58.231 -g
What is the output of ipvsadm -Ln ?
> 4---- add the VIP on the real server
> ifconfig eth0:0 10.0.58.136 netmask 255.255.255.255 broadcast
> 10.0.58.136
This should be lo:0 and not eth0:0
> ifconfig lo:0 10.0.58.136 netmask 255.255.255.255 broadcast 10.0.58.136
>
>
> 5--- Handle the ARP problem on Real Server
> echo 1 > /proc/sys/net/ipv4/ip_forward
> echo 1 > /proc/sys/net/ipv4/conf/all/hidden
> echo 1 > /proc/sys/net/ipv4/conf/lo/hidden OR echo 1 >
> /proc/sys/net/ipv4/conf/eth0/hidden
Does /proc/sys/net/ipv4/conf/all/hidden ?
If so you want
echo 1 > /proc/sys/net/ipv4/conf/lo/hidden
And not
echo 1 > /proc/sys/net/ipv4/conf/eth0/hidden
> 6--- start Apache
Make sure it is listening for connections to 10.0.58.136:443
--
Horms
|