On Oct 4, 2011, at 1:29 AM, Poul-Henning Kamp wrote: The main we have not added a facility to bind backend connections to a particular IP# is that it is a recipe for reachability problems and kind of hard to imagine a legit case for wanting to do it in the first place, so can I get you to describe (possibly in private email) why you need to do this ?
Hello Poul, Thank you for confirming this, I suspected as much, just wasn't absolutely sure. I'll be happy to explain my use case. I'm trying to create a redundant, highly-available architecture using varnish as the front-end caching server and load-balancer. I have two machines, webproxy01 and webproxy02 that shares a VIP (the aliased interface, eth0:0) via heartbeat, so only one machine will have the appropriate IP at any given time. That being said, I was hoping that all upstream servers will see the IP address of the VIP and not the IP address for the actual machine, that way each machine is interchangeable and abstracted from the stack. If I need to swap out one of the front-ends with another front-end with a different IP address, I don't want to update all the "trusted gateway" scripts on the backend servers. As long as it is coming from the VIP, it is a trusted gateway. Let me know if this doesn't make sense or if I'm over-architecting the system...which I've been known to do :-) Henry Umansky Web Development Services Princeton University [email protected]<mailto:[email protected]> 609-258-1674
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
