|
On Fri, Mar 21, 2008 at 5:22 PM, Joseph Mack NA3T <jmack@xxxxxxxx> wrote:
> On Fri, 21 Mar 2008, Steven Truong wrote:
>
> > This caused problems because my OpenLdap slave server needs to be able
> > to connect to the master server (lived server) to replicate but right
> > now the slave server (hot _standby_) keeps connecting to itself. The
> > whole things got complicated because of SSL/TLS certificates. This
> > _standby_ server needs to connect to the VIP address that the master
> > server uses to connect with start_tls thingy.
>
> it's a problem.
>
> Can you connect to the RIP using a self signed certificate?
>
> Joe
>
> --
> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> jmack (at) wm7d (dot) net - azimuthal equidistant map
> generator at http://www.wm7d.net/azproj.shtml
> Homepage http://www.austintek.com/ It's GNU/Linux!
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
Hi, Joseph. I haven't tried to connect to the RIP with the
self-signed certificate because both Real servers currently shared the
same certficate/key. I haven't explored creating different
private/public keys for this scenario yet. However the problem is
that from the standby real server, I simply could not connect to the
VIP (by ssh) of the lived master server. For some unknown reasons
(to me), lo:0 interface got activated and masked the VIP on other
server. I could only connect to it without lo:0 on the standby real
server (and without arptables). I just would like to know if this is
something that I misconfigured somewhere in my setups or it is
something else.
Is there any other workarounds beside removing lo:0 like I did?
Please help.
Thank you very much.
|
