Hi,
I am new to the list. Please excuse if this has been discussed before,
but I didn't find it in the archives.
I have 2 linux boxes sharing ipv4 addressess for high available LDAP
Access to our AD infrastructure with keepalived and then forwarding the
requests to our 3 AD Servers.
With ipv4 it works without issues:
listen dc-intern-ldap
bind 128.130.30.20:389 transparent
mode tcp
option tcplog
log global
balance leastconn
server dc01 128.130.30.21:389 maxconn 5000 check
server dc02 128.130.30.22:389 maxconn 5000 check
server dc03 128.130.30.23:389 maxconn 5000 check
if 128.130.30.20 is not assiged on the secondary node, nothing fails.
when keepalived switches over, everything works as expected.
with 1.5-dev13 I read the ipv6 transparent works now as well:
listen dc-intern-ldap-v6
bind 2001:629:1005:30::20:389 transparent
mode tcp
option tcplog
log global
balance leastconn
server dc01 2001:629:1005:30::21:389 maxconn 5000 check
server dc02 2001:629:1005:30::22:389 maxconn 5000 check
server dc03 2001:629:1005:30::23:389 maxconn 5000 check
Sadly, this fails on the secondary server, since 2001:629:1005:30::20 is
not currently active:
Starting haproxy: haproxy[ALERT] 085/083351 (31506) : Starting proxy
dc-intern-ldap-v6: cannot bind socket [2001:629:1005:30::20:389] failed!
Have I don't something wrong? I would like to also provide IPv6 access
to our LDAP infrastructure (and www later on as well).
thanks
Philipp
