Hi,
thanks Andreas, it works, but i have a question about it, see below.
Thanks Felix, we will think about it, running multiple pound instances,
but for now one instance serving the three IP addresses is fine for us
as we use poundctl to en- and disable the backends. Restarting pound is
not a big problem for us.
My issue:
On another setup pound serves only one external IP address and we have
configured it as follows:
ListenHTTP
Address XX.XXX.XXX.XX
Port 80
END
ListenHTTPS
Address XX.XXX.XXX.XX
Port 443
...
END
SERVICE
BackEnd
Address internalhost1
Port 8081
End
BackEnd
Address internalhost2
Port 8081
End
...
END
when calling poundctl, i see something like that:
0. http Listener XX.XXX.XXX.XX:80 a
1. HTTPS Listener XX.XXX.XXX.XX:443 a
-1. Global services
0. Service active (1)
0. Backend (UNKNOWN):0 active (1 0.000 sec) alive
1. Service active (15)
0. Backend 192.168.0.190:8081 active (5 0.000 sec) alive
1. Backend 192.168.0.191:8081 active (5 0.000 sec) alive
0. Session E04D22ADFF4178D6D6F5EE966E56D9AF.xx11 -> 0
1. Session E2E91B4B092AC9A4D6DFABA9CF27E26A.xx21 -> 1
2. Session 49F01EAF72EAFE6B2B3D806B825B9D1E.xx11 -> 0
so all sessions belong to one single service, imho both: http and https
But with my configuration on the other machine pound providing multiple
external IPs, i get this when running poundctl:
$sudo poundctl -c /var/run/pound/poundctl.socket
0. http Listener XX.XXX.XXX.1:80 a
0. Service active (5)
0. Backend 192.168.0.192:8081 active (5 0.000 sec) DEAD
1. Backend 192.168.0.192:8082 active (5 0.000 sec) alive
0. Session 8D1365CBCD8F336FB259A1EBE4EA8544.aa2 -> 1
1. HTTPS Listener XX.XXX.XXX.1:443 a
0. Service active (10)
0. Backend 192.168.0.192:8081 active (5 0.000 sec) alive
1. Backend 192.168.0.192:8082 active (5 0.000 sec) alive
2. http Listener XX.XXX.XXX.3:80 a
0. Service active (5)
0. Backend 192.168.0.192:8085 active (5 0.000 sec) DEAD
1. Backend 192.168.0.192:8086 active (5 0.000 sec) alive
0. Session 582AD6F1BFA47DC72547CC98C292682E.cc2 -> 1
3. HTTPS Listener XX.XXX.XXX.3:443 a
0. Service active (5)
0. Backend 192.168.0.192:8085 active (5 0.000 sec) DEAD
1. Backend 192.168.0.192:8086 active (5 0.000 sec) alive
0. Session 5D8771134B5E9B987AC47E20209D857A.cc2 -> 1
-1. Global services
with the following config scheme:
ListenHTTP
Address 1.2.3.4
Port 80
Service
BackEnd
Address 192.168.0.10
Port 80
...........
ListenHTTP
Address 1.2.3.5
Port 80
Service
BackEnd
Address 192.168.0.11
Port 80
...........
ListenHTTPS
Address 1.2.3.4
Port 443
Cert "/etc/pound/server1.pem"
...........
ListenHTTPS
Address 1.2.3.5
Port 443
Cert "/etc/pound/server2.pem"
My question now is: do i have multiple sessions for http and https?
Is it possible to define multiple service sections in order to group the
http and https listeners? How can i achieve that?
Kind regards
David
Am 30.08.2013 09:52, schrieb Felix Zachlod:
>> Yes, David,
>>
>> it is possible to have several ListenHTTPS blocks with their own Cert
>> configs.
> While I would generally recommend thinking about possibly running multiple
> pound instances if you run them for different purposes- this would let you
> restart one in case of a config change without interruption of another one.
> Just to think about, if this possibly makes sense for you- of course you
> might also run one instance with a lot of listeners too.
>
> regards, Felix
>
>
> --
> To unsubscribe send an email with subject unsubscribe to [email protected].
> Please contact [email protected] for questions.
>
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
