LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

[lvs-users] ssl problem

from [Sharif Uddin] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [lvs-users] ssl problem
From: Sharif Uddin <sharif@xxxxxxxxxx>
Date: Tue, 14 Jun 2011 12:17:31 +0100 
Hi to all,

I have set up DR routing load balancing method. now everything was 
working fine a few days ago until suddenly secure connections are not 
working on the vip.



vip 195.171.205.21


realserver 195.171.205.2


if i run the following
     openssl s_client -connect 195.171.205.21:443 -state -debug


i get following error
     CONNECTED(00000003)
     SSL_connect:before/connect initialization
     write to 0x132e5f0 [0x132fd80] (95 bytes => 95 (0x5F))
     0000 - 16 03 01 00 5a 01 00 00-56 03 01 4d f7 42 36 77   
....Z...V..M.B6w
     0010 - 4b 1d 17 f2 9a 26 b6 21-44 29 96 5a 7d 7d 87 b6   
K....&.!D).Z}}..
     0020 - 72 ef 04 e9 fb ba 0a 5a-6d e1 e5 00 00 28 00 39   
r......Zm....(.9
     0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   
.8.5.......3.2./
     0040 - 00 05 00 04 00 15 00 12-00 09 00 14 00 11 00 08   
................
     0050 - 00 06 00 03 00 ff 02 01-00 00 04 00 23            ............#
     005f - <SPACES/NULS>
     SSL_connect:SSLv2/v3 write client hello A
     read from 0x132e5f0 [0x13352e0] (7 bytes => 7 (0x7))
     0000 - 3c 21 44 4f 43 54 59 <!DOCTY
     SSL_connect:error in SSLv2/v3 read server hello A
     15804:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown 
protocol:s23_clnt.c:607:



but when i try on realserver it works fine
openssl s_client -connect 195.171.205.2:443 -state -debug



ipvsadm -ln

    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
       -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  195.171.205.7:3306 wrr
       -> 195.171.205.41:4041          Local   1      0          0
    TCP  195.171.205.21:80 wrr
       -> 195.171.205.2:80             Route   1      0          0
       -> 195.171.205.3:80             Route   1      0          0
       -> 195.171.205.4:80             Route   1      0          0
    TCP  195.171.205.21:443 wrr
       -> 195.171.205.2:443            Route   1      0          0
       -> 195.171.205.3:443            Route   1      0          0
       -> 195.171.205.4:443            Route   1      0          0



as you can see the realservers are active on port 443


I have googled for the ssl problem and have tried out changing the 
vhosts to _default_ but makes no difference.

Why would it not work on the vip?
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [lvs-users] ssl problem, Sharif Uddin <=
Previous by Date:  [lvs-users] Setting Max Connections, Robinson, Eric
Next by Date:  Re: [lvs-users] Setting Max Connections, Simon Horman
Previous by Thread:  [lvs-users] Setting Max Connections, Robinson, Eric
Next by Thread:  [lvs-users] Incorrect client connect statistics data after unsigned int overflow, Dongsheng Song
Indexes:  [Date] [Thread] [Top] [All Lists]