LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] Https not working with ldirectord only http working

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] Https not working with ldirectord only http working
Cc: Sal Lvs <sal_lvs@xxxxxxxxx>
From: David Coulson <david@xxxxxxxxxxxxxxxx>
Date: Fri, 01 Apr 2011 14:31:05 -0400
You're getting a RST back from the web server.

On the HTTP server do this:

netstat -ntlp

See what is listening. I'm going to guess that your httpd process is not 
listening on the vip IP address on tcp/443, or you have a firewall 
blocking it.

David

On 4/1/11 2:25 PM, Sal Lvs wrote:
> So now I'm making progress:
>
> [root@vml-pgplb ~]# ipvsadm -Ln
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>    ->  RemoteAddress:Port           Forward Weight ActiveConn InActConn
> TCP  152.16.195.204:443 rr persistent 300 mask 255.255.255.0
>    ->  152.16.195.187:443           Route   1      0          2
> TCP  152.16.195.204:80 rr persistent 600
>    ->  152.16.195.85:80             Route   1      0          0
>
> I get it active now, because of a misconfiguration in apache. Now what's
> happening is i'm getting traffic to the server and back to the client but 
> still
> no web page being displayed:
>
>
> 14:20:19.303052 IP bubacomp.dhe.duke.edu.36212>  vip-pgp.duhs.duke.edu.https: 
> S
> 1625127401:1625127401(0) win 5840<mss 1380,sackOK,timestamp 4200005
> 0,nop,wscale 6>
> 14:20:19.305395 IP vip-pgp.duhs.duke.edu.https>  bubacomp.dhe.duke.edu.36212: 
> R
> 0:0(0) ack 1625127402 win 0
> 14:20:33.801393 IP bubacomp.dhe.duke.edu.42000>  vip-pgp.duhs.duke.edu.https: 
> S
> 1231173693:1231173693(0) win 5840<mss 1380,sackOK,timestamp 4203629
> 0,nop,wscale 6>
> 14:20:33.801466 IP vip-pgp.duhs.duke.edu.https>  bubacomp.dhe.duke.edu.42000: 
> R
> 0:0(0) ack 1231173694 win 0
>
>
> Logs aren't showing any connection being made checked both error log, and ssl
> log.
>
>
>
>
>
> ________________________________
> From: Graeme Fowler<graeme@xxxxxxxxxxx>
> To: LinuxVirtualServer.org users mailing list.
> <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
> Sent: Fri, April 1, 2011 1:50:32 PM
> Subject: Re: [lvs-users] Https not working with ldirectord only http working
>
> On Fri, 2011-04-01 at 10:22 -0700, Sal Lvs wrote:
>> Is there some component that could possibly be missing from my ldirectord
>> installation that allows it to verify the ssl connections? It doesn't make
>> sense
>>
>> that port 80 works just fine, and port 443, is becoming quiescent.
> Try running ldirectord in debug mode (--debug or -d command line switch)
> and see what it tells you.
>
> Also, check the webserver logs on the realserver.
>
> Graeme
>
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>