LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

RE: Please Help~~~!HTTPS Problem~! Many Thanks to Graeme Fowler---Proble

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Please Help~~~!HTTPS Problem~! Many Thanks to Graeme Fowler---Problem Solved
From: "Louis Lam" <louis.lam@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 31 Oct 2005 17:26:43 +0800
Dear Graeme:

We have solved the SSL Problem after your helps
Thanks for your helps and reply 


Thank You


Best Regards
Louis

-----Original Message-----
From: lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx 
[mailto:lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx]On Behalf Of Graeme Fowler
Sent: Friday, October 28, 2005 7:15 PM
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: RE: Please Help~~~!HTTPS Problem


On Fri 28 Oct 2005 12:00:52 BST , Louis Lam 
<louis.lam@xxxxxxxxxxxxxxxxxxxx> wrote:
> 1. ipvsadm -Ln

OK, cool, nothing too complicated there.

> 2. It works for real / private ip.
>    It doesn't work for virtual ip.

So you're saying that the client *can* browse directly to the RIP. This 
is useful.

> 3.  The ip where browser is used for testing  is 10.0.58.93
<snip dumps>
It would be useful if you can let everything quiesce (not in LVS terms, 
but network terms) so nothing at all is happening and then run "tcpdump 
-qn -i[interface] port [80 or 443]" at the same time on the client, the 
director, and the realserver. If the director has multiple interfaces 
you may have to run with "-i all", without the switch at all, or run it 
more than once at the same time.
Then do a connection to port 80 and see what happens, then one to port 
443 and see what happens.

> 4. When no clients are trying to connect
<snip ldirectord timing>

OK, got that.


[thinking out loud]

Is the webserver - presumably Apache - bound to port 443 on the VIP on 
each realserver? We know you can hit the RIP on the realservers, but as 
you're using DR and not NAT this begs the question of whether Apache is 
actually listening on the VIP... maybe looking at your SSL virtual host 
configuration would be useful here.

Graeme


<Prev in Thread] Current Thread [Next in Thread>
  • RE: Please Help~~~!HTTPS Problem~! Many Thanks to Graeme Fowler---Problem Solved, Louis Lam <=