|
On 5/30/06, Joseph Mack NA3T <jmack@xxxxxxxx> wrote:
>
> To save some time repeating myself, have you read the
> section in the HOWTO on SSL accelarators with LVS?
After going through the lengthy section on SSL, I still have a a question
regarding IP management.
As far as I can tell the following will not work because of the nature of
SSL and the fact that LVS-DR does not modify the packets.
TCP site1.com:443 rr
-> 192.168.14.170:443 Route 1 0 0
TCP site2.com:443 rr
-> 192.168.14.170:443 Route 1 0 0
So, if I am using a LVS-DR setup am I correct in assuming that I need to
have 1 VIP for every certificate in addition to 1 RIP per certificate on
each real server?
(RIP=(certificates x servers)) + (VIP=(1x certificates)) = total # of IP
addresses needed
So to take my example of 50 certificates with 20 real servers...
(RIP=(50x20)) + (VIP=(1x50)) = 1050?!?!!
I will need 1000+ IP addresses in order to support 50 certificates? Please
set me straight because this doesn't seem right to me.
-CM
| 