I came up with the follwoing solution in case anyone else runs into this
problem. Instead of icmp it does a connect to port 443 on webserver and
sends an RST after it verifies the socket is open. Not the perfect solution
but it can detect when the web service fails. Its been tested and works
Hello group,
I am trying to get a CS11152 (old arrowpoint) to load balance SSL
conections to 2 servers but it is not working. SSL works on the servers and
if I change my DNS so traffic does not got to the CS11252 VIP address but
simply routes through it to the servers the public can get an SSL
Could this have something to do with your keepalive setting? Have you
tried using a standard ping keepalive to see if that helps? I wasn't
aware that you could use the http keepalive on port 443 with this box.
John
sam sneed 2/26/02 9:23:04 AM
Hello group,
I am trying to get a CS11152
I was thinking the same thing but I did not try that. My problem with that
is if the HTTP service fails and SSL down with it the ping will still show
the server as availbale and forward requests to it. You think there is some
way I could specify the keepalive with a port # instead of type http?
We have the same issue here, but since our physical web servers run both
a secure and unsecure site, we simply use ping for the secure service
and an http get for the unsecure service. If we see the unsecure site
go down, we know users won't be able to get to the secure site either.
If it were
I see what your saying but we have a couple dedicated servers for secure
transcations.theres gotta be an easier way to do this without writitng the
scripts. I'm gonna stay on it till I find and I'll post the config once i
get working, hopefully by the end of the day. Thanks for the input.
John
6 matches
Mail list logo