| Subject: | Re: carp and dead daemon |
|---|---|
| From: | "matthew sporleder" <msporleder@xxxxxxxxx> |
| Date: | Thu, 31 Jul 2008 20:32:24 UTC |
| Newsgroups: | fa.netbsd.tech.net |
On Thu, Jul 31, 2008 at 3:57 PM, Emmanuel Dreyfus <manu@xxxxxxxxxx> wrote: > matthew sporleder <msporleder@xxxxxxxxx> wrote: > >> Have you considered using something like pen (pkgsrc /net/pen) for >> your services instead? > > If the service is SMTP, then having the real sender IP (and not pen load > balancer's one) is important for spam filtering, This is a common problem with load balancers and proxies (I've used many in front-of web apps where we had to insert custom X-Forward headers and other hacks -- I'm not sure if pen can do this), but I thought most spam filters used smtp headers? I don't run any of my own email servers, though. > > And how does that cope with SSL? > I don't think it tries to read into the protocols at all. HTTPS is enabled with host1:443 host2:443, so it should just pass it along. I should also point out that you're really just trading one application for another since pen could fail and CARP wouldn't notice. I would love to see port-level monitoring/kernel-module load balancing built into NetBSD. :) |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: carp and dead daemon, Emmanuel Dreyfus |
|---|---|
| Previous by Thread: | Re: carp and dead daemon, Emmanuel Dreyfus |
| Indexes: | [Date] [Thread] [Top] [All Lists] |