From owner-freebsd-isp  Tue Aug  3  7:38: 5 1999
Delivered-To: freebsd-isp@freebsd.org
Received: from Samizdat.uucom.com (samizdat.uucom.com [198.202.217.54])
	by hub.freebsd.org (Postfix) with ESMTP id 6868914D85
	for <freebsd-isp@FreeBSD.ORG>; Tue,  3 Aug 1999 07:37:53 -0700 (PDT)
	(envelope-from cshenton@uucom.com)
Received: (from cshenton@localhost)
	by Samizdat.uucom.com (8.9.3/8.9.3) id KAA22143;
	Tue, 3 Aug 1999 10:36:47 -0400 (EDT)
To: Mike Hoskins <mike@snafu.adept.org>
Cc: "Jan B. Koum " <jkb@best.com>, LutzRab@omc.net,
	freebsd-isp@FreeBSD.ORG
Subject: Re: Loadbalance webservers
References: <Pine.BSF.4.10.9908021740300.6318-100000@snafu.adept.org>
User-Agent: SEMI/1.13.3 (Komaiko) FLIM/1.12.5 (Hirahata) Emacs/20.3 (i386-pc-solaris2.7) MULE/4.0 (HANANOEN)
MIME-Version: 1.0 (generated by SEMI 1.13.3 - "Komaiko")
Content-Type: text/plain; charset=US-ASCII
From: Chris Shenton <cshenton@uucom.com>
Date: 03 Aug 1999 10:36:46 -0400
In-Reply-To: Mike Hoskins's message of "Mon, 2 Aug 1999 17:45:55 -0700 (PDT)"
Message-ID: <lfemhldj7l.fsf@Samizdat.uucom.com>
Lines: 38
X-Mailer: Gnus v5.6.45/Emacs 20.3
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


On Mon, 2 Aug 1999, Jan B. Koum wrote:
>> I think right now we got about 10 machines serving for www main
>> site using DNS load balancing... (just 'nslookup www.yahoo.com')

On Mon, 2 Aug 1999 17:45:55 -0700 (PDT), Mike Hoskins <mike@snafu.adept.org> said:

Mike> Curious...  have you guys modified DNS in some way, or do you
Mike> just do standard round-robin?  I've read about DNS-based
Mike> approaches with low TTLs to avoid excessive caching of any
Mike> single record, but how does such an approach handle downed
Mike> servers w/o modification?

Unfortunately, most of the web clients out there are brain damaged and
don't respect the resource record TTL. This means that once they get
an answer, they'll keep going back to the same server -- even if it's
down. Hardly "balanced" :-(.

There are affodable balancer boxes from Coyote Point ($4k) and Foundry
($6K). Another big players is BIG/ip (F5 Labs) -- they're a bit more
pricey but they're more flexible.  I've played with the Foundry and
BIG/ip and for the price, I like the Foundry a lot for basic
balancing.

For free, check out the eddieware.org project. I've not got it
configured yet so I can't comment on how it works. But it's trying to
do what the other folks are doing.

Oh, if you're doing SSL, you'll have more work. Some clients from the
Pacific Northwest have broken implementations of SSLv3. This is
important because you need v3 to do SSL session tracking; v2 buried
the session ID in the crypto-blob so you can't see it. I presume this
is why Amazon and others have their server *require* v2, so they can
avoid the MSIE hang-ups, but then they lose the Session ID. I still
haven't found an affordable way to handle that, tho IPivot's SSL
accellerators will do it for a price.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message