Date: 03 Aug 1999 10:36:46 -0400 From: Chris Shenton <cshenton@uucom.com> To: Mike Hoskins <mike@snafu.adept.org> Cc: "Jan B. Koum " <jkb@best.com>, LutzRab@omc.net, freebsd-isp@FreeBSD.ORG Subject: Re: Loadbalance webservers Message-ID: <lfemhldj7l.fsf@Samizdat.uucom.com> In-Reply-To: Mike Hoskins's message of "Mon, 2 Aug 1999 17:45:55 -0700 (PDT)" References: <Pine.BSF.4.10.9908021740300.6318-100000@snafu.adept.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2 Aug 1999, Jan B. Koum wrote: >> I think right now we got about 10 machines serving for www main >> site using DNS load balancing... (just 'nslookup www.yahoo.com') On Mon, 2 Aug 1999 17:45:55 -0700 (PDT), Mike Hoskins <mike@snafu.adept.org> said: Mike> Curious... have you guys modified DNS in some way, or do you Mike> just do standard round-robin? I've read about DNS-based Mike> approaches with low TTLs to avoid excessive caching of any Mike> single record, but how does such an approach handle downed Mike> servers w/o modification? Unfortunately, most of the web clients out there are brain damaged and don't respect the resource record TTL. This means that once they get an answer, they'll keep going back to the same server -- even if it's down. Hardly "balanced" :-(. There are affodable balancer boxes from Coyote Point ($4k) and Foundry ($6K). Another big players is BIG/ip (F5 Labs) -- they're a bit more pricey but they're more flexible. I've played with the Foundry and BIG/ip and for the price, I like the Foundry a lot for basic balancing. For free, check out the eddieware.org project. I've not got it configured yet so I can't comment on how it works. But it's trying to do what the other folks are doing. Oh, if you're doing SSL, you'll have more work. Some clients from the Pacific Northwest have broken implementations of SSLv3. This is important because you need v3 to do SSL session tracking; v2 buried the session ID in the crypto-blob so you can't see it. I presume this is why Amazon and others have their server *require* v2, so they can avoid the MSIE hang-ups, but then they lose the Session ID. I still haven't found an affordable way to handle that, tho IPivot's SSL accellerators will do it for a price. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?lfemhldj7l.fsf>