[lvs-users] Multiple domains with SSL inside a 2 machine cluster

Ullrich Pfefferlein upfefferlein at gmail.com
Thu Oct 18 20:31:56 BST 2007 

Hi,

Michael Moody schrieb:
> You said you got this to work:
Yes, thats right.

The hint which helps me most was (Graeme Fowler <graeme at graemef.net>):
 > There's an alternative, much tidier approach for NAT which only requires
 > one IP per machine - use multiple TCP ports instead of multiple
 > addresses. You can have vhost1 bound to port 443, vhost2 to port 444 and
 > so on (obviously you need to choose this range carefully). You can then
 > configure VIP1:443 to use RS1:444, RS2:444, RS3:444 and so on.


> If I do this, it just simply doesn't work, as my vhost config 
> binds the ssl to 192.169.1.5, 6, 7, or 8, and it seems apache is unable 
> to answer requests with headers containing the vip.
Hmm. You can tell Apache to "Listen" on diffent (multiple) ports. Not 
IPs on one machine.

> Can you kindly 
> shared your config files, both vhost, and lvs configs? I'd REALLY like 
> to take a look at them.
I will help you to get your config working ;) (wheres the fun else?)

First setup your lvs to NAT the different ips on different ports for ssl 
(443). Normal http requests dont need any special config (just NAT all 
:80 requests to your :80 ports at the apache server, for each external 
ip of cause).

Then tell apache to "Listen" on the ports you have just make your redir 
(mod_ssl) for. Add the "NameVirtualHost" directive for those ports 
(since we are using ip based vhosts)

And finally setup the vhost with:
<VirtualHost 192.168.1.3:<your_redir_port>> like
<VirtualHost 192.168.1.3:444> (or what ever)

Thats all =)

Regards, Ulli

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list