Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
741
Views
0
Helpful
3
Replies

CSM: Balancing to real URLs instead to Realservers ???

hakan.topcu
Level 1
Level 1

‎01-28-2011 05:21 AM

Hi there,

I got the following request:

A virtual server should be balanced to two realservers, but not simply to an IP, but to a specific port and a specific location on those servers, lets say to:

realserver1:8002/location” and “realserver2:8002/location

The virtual server should be available only by SSL, e.g. by “https://10.10.10.10

http connects should be automatically redirected to https.

My idea was to build a vserver (vserver1) listening on port 443, that virtualizes “realserver[1/2]:8002” by configuring the two reals in a farm with port 8002:

serverfarm farm1

real name realserver1 8002

real name realserver2 8002

and to configure two vservers (vserver2 and 3) with a farm, that redirects http and https requests to 10.10.10.10 to the above vserver1 appended by the location in the URL, e.g.:

serverfarm sfarm-redirect

redirect-server vserver-redirect

   webhost relocation https://vserver1/location

Any comments if this would work, or is there a more simple way to realize this scenario?

Thanks in advance

Hakan

Labels:
0 Helpful
3 Replies 3

litrenta
Level 3
Level 3

‎01-28-2011 07:08 AM

this is how you would do it. then you would have a vserver listening to the vip on

port 80 pointing to the redirect farm , and a vserver on port 443 loadbala

ncing to the farm. Are terminating ssl on an sslm or is

this a csm-s ?

0 Helpful

hakan.topcu
Level 1
Level 1
In response to litrenta

‎01-30-2011 11:48 PM

This is a simple CSM WS-X6066-SLB-APC with Software release 4.3(1), without SSL module. SSL should terminate on realservers.

Is this a valid, or a common configuration for such a requirement above?

Or is there another way to configure this scenario?

Thanks

0 Helpful

Francesco Casotto
Cisco Employee
Cisco Employee
In response to hakan.topcu

‎01-31-2011 12:35 AM

Hakan,

for SSL connections if you do not terminate them on the loadbalancer there is no way that the loadbalancer can anyhow modify the request or issue a redirect. The reason for the limitiation is that with SSL connection the CSM won't have the chance to parse the HTTP traffic as this will be in the encrypted payload of the SSL flow, without access to the underlying HTTP it cannot see the requested URL or HOST nor it can issue an HTTP redirect.

Hope it helps,

Francesco

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card