Hi Dima,Emilio,
Our concurrent connections are about 790 when we face the situation. Yes, I also agree that for putting SSL offloading in LB shoulders. BUT I want to get xforward parameter on servers behind the LB. When I use TCP farm, servers behind dthe LB only see ZEN’s interface IP as Xforward. The topology is like that; client open connection to ZEN, ZEN open connection to LB, LB sends to server. In that situation I have to use HTTPS farm to decrypt http traffic and send xforward parameter to the servers. @Dima you said à To raise this limit you will need to split traffic between interfaces: load balance (l4xnat) your load balancer (with SSL offload). Do you mean to use TCP farm and do SSL offloading in LB? Our zen is virtual machine. From: Emilio Campos [mailto:[email protected]] Sent: Friday, January 03, 2014 11:10 PM To: [email protected] Subject: Re: [Zenloadbalancer-support] HTTPS Farm Capacity Hi Ilkin, consider the Dima's indications, and also It would be very interesting to know how many concurrent connections are you managing and the hardware (physical or virtual) that you have. 2014/1/3 Dima Polyakov <[email protected]> Well, this is how it goes: 1) any HTTPS farm has predefined limit due to TCP ports (ZLB will accept traffic at port 443 and will use its any free port to connect to port 80). So making HTTPS farm you already limit yourself. To raise this limit you will need to split traffic between interfaces: load balance (l4xnat) your load balancer (with SSL offload). 2) offload SSL – you put ALL traffic encryption/decryption on LB shoulders. It is a lot of extra work and you do need fast server for that. IMHO, for any farm that is not L4 you need to have a really good reason why to use it due to limited connections, cannot get source IP and higher hardware requirements. Dima From: ilkin [mailto:[email protected]] Sent: Friday, January 3, 2014 10:51 AM To: [email protected] Subject: Re: [Zenloadbalancer-support] HTTPS Farm Capacity Hi Dima, 1-) What did you mean by conenctions use l4Xnat ? I have to offload SSL and thus I want to use HTTPS farm. 2-) High CPU only on farm level, there is no CPU/memory problem at hardware level. Thank you very much. From: Dima Polyakov [mailto:[email protected]] Sent: Friday, January 03, 2014 5:46 PM To: [email protected] Subject: Re: [Zenloadbalancer-support] HTTPS Farm Capacity There are few options you can do: 1) Connections: use l4xnat – virtually unlimited connections (as much as you have memory). 2) High CPU load: throw hardware at the problem. Basically use faster computer and network cards. Dima From: ilkin [mailto:[email protected]] Sent: Friday, January 3, 2014 10:17 AM To: [email protected] Subject: [Zenloadbalancer-support] HTTPS Farm Capacity Importance: High Hi All, Are there any mechanism to increase the connection number / capacity to increase in HTTPS Farm? As you know, it is possible in TCP Farms. I see from Global view on web page that the Load of CPU is %133 on HTTPS farm. There are also another farms in ZEN that do not suffer from capacity. How can I arrange this? Thank you. İlkin Turkoğlu (Mr.) Network Admin ITU Ayazaga Kampusu, Koru Yolu, ARI2 A Blok Maslak, Istanbul, Turkiye p: (+90) 212-276-1500 <tel:%28%2B90%29%20212-276-1500> | f: (+90) 212-276-1517 <tel:%28%2B90%29%20212-276-1517> m: (+90) +90 530 822 59 51 <tel:%2B90%20530%20822%2059%2051> | w: <http://www.hititcs.com/> www.hititcs.com <http://www.hititcs.com/> Hitit Computer Systems ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831 <http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk> &iu=/4140/ostg.clktrk _______________________________________________ Zenloadbalancer-support mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support -- Load balancer distribution - Open Source Project http://www.zenloadbalancer.com Distribution list (subscribe): [email protected]
<<image001.jpg>>
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________ Zenloadbalancer-support mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
