Jeremy Portzer wrote: > > Another thing to think about is if the Cisco Local Director can support > SSL on that box itself. I don't know much about this particular > equipment, but I understand that some load-balancing hardware can host > the SSL certificate on the balancer itself, and then forward the HTTP > requests on to the internal machines. (In this sense it is acting as a > reverse proxy server of sorts.) This off-loads the SSL processing from > your machines, allowing them to spend more CPU cycles on the actual > application. The machines just see "normal" port 80 requests in this > case.
In the LVS project we're encouraging people to do the encryption/decryption on the individual servers. That way the load balancer is just routing and rather than doing SSL work for all the backend machines. Joe -- Joseph Mack PhD, High Performance Computing & Scientific Visualization LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007 Federal Contact - John B. Smith 919-541-1087 - [EMAIL PROTECTED] -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
