On Fri, Mar 21, 2008 at 5:22 PM, Joseph Mack NA3T <[EMAIL PROTECTED]> wrote: > On Fri, 21 Mar 2008, Steven Truong wrote: > > > This caused problems because my OpenLdap slave server needs to be able > > to connect to the master server (lived server) to replicate but right > > now the slave server (hot _standby_) keeps connecting to itself. The > > whole things got complicated because of SSL/TLS certificates. This > > _standby_ server needs to connect to the VIP address that the master > > server uses to connect with start_tls thingy. > > it's a problem. > > Can you connect to the RIP using a self signed certificate? > > Joe > > -- > Joseph Mack NA3T EME(B,D), FM05lw North Carolina > jmack (at) wm7d (dot) net - azimuthal equidistant map > generator at http://www.wm7d.net/azproj.shtml > Homepage http://www.austintek.com/ It's GNU/Linux! > > _______________________________________________ > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [EMAIL PROTECTED] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users >
Hi, Joseph. I haven't tried to connect to the RIP with the self-signed certificate because both Real servers currently shared the same certficate/key. I haven't explored creating different private/public keys for this scenario yet. However the problem is that from the standby real server, I simply could not connect to the VIP (by ssh) of the lived master server. For some unknown reasons (to me), lo:0 interface got activated and masked the VIP on other server. I could only connect to it without lo:0 on the standby real server (and without arptables). I just would like to know if this is something that I misconfigured somewhere in my setups or it is something else. Is there any other workarounds beside removing lo:0 like I did? Please help. Thank you very much. _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
