[Ukfreebsd] load balancing

Pete French pete at twisted.org.uk
Fri Jan 7 18:39:50 GMT 2011


> haproxy can forward the source IP in a custom header, but it does have
> no SSL support at all, you'd have to use something like stunnel which
> I'd guess would make getting the source IP even more interesting...

Yes, thats the line of reaosning I ended up with. Nginx has native SSL
support and can forward the original IP (and theres an Apache module
to make the header and act as if it came in directly). hence me deciding
to try and go for that...

> Aah, IPv6 will only be supported in some 2.0 or later pfSense which
> would make it awkward for you.

My setup is not that coplex anyway really - I just want basic firewall,
carp and ipv6 using 6to4 and maybe a gif tunnel. Out of those the only
one I havent done before is carp. If you are deploying a big webfarm then
IPv6 is great though, as it gives you a way to directly address every
machine even if you only have one IPv4 address on the outside, and
without and of that VPN nonsense - started using it a few years ago
and couldnt live withotu it anymore.

cheers,

-pete.


More information about the Ukfreebsd mailing list