On 4/24/07, Gary Buckmaster <[EMAIL PROTECTED]> wrote:
This issue turned out to be primarily a configuration problem, although
it serves as a good lesson for others to learn from so I'll post the
reply for the sake of posterity.
<background>
We currently have 16 web servers in production handling requests. They
are sitting behind Cisco Localdirectors. Because of how the
LocalDirectors are configured, its not a simple plug-and-play scenario
to substitute in the pfSense boxes. In order to make the transition
more smooth, a number of machines were multi-homed so as to exist behind
the localdirectors and the new pfSense network.
</background>
The astute reader will quickly surmise what happened. Although the web
servers were located on both networks, their default route was
inadvertently left alone. Thus traffic coming from the pfSense boxes
was replied to using the wrong network card, causing the timeout issues.
This turned out to be a blessing in disguise because it demonstrated a
more gentle way we could transition to the new machines without
interrupting service dramatically as DNS propagated to the new cluster.
I'm not following what the gentle way of transitioning to the new
machines is. Care to elaborate a little? Did you change the default
route on part of the farm and disable the interfaces on the machines
that should still be going through the LocalDirector?
--Bill
PS. I'm very happy to see pfSense replace a LocalDirector - I honestly
didn't expect to see anyone using the load balancing code when I wrote
it, except for the one person that requested it.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
