Re: carp and dead daemon

To: "Emmanuel Dreyfus" <manu%netbsd.org@localhost>
Subject: Re: carp and dead daemon
From: "matthew sporleder" <msporleder%gmail.com@localhost>
Date: Thu, 31 Jul 2008 16:32:13 -0400

On Thu, Jul 31, 2008 at 3:57 PM, Emmanuel Dreyfus <manu%netbsd.org@localhost> 
wrote:
> matthew sporleder <msporleder%gmail.com@localhost> wrote:
>
>> Have you considered using something like pen (pkgsrc /net/pen) for
>> your services instead?
>
> If the service is SMTP, then having the real sender IP (and not pen load
> balancer's one) is important for spam filtering,

This is a common problem with load balancers and proxies (I've used
many in front-of web apps where we had to insert custom X-Forward
headers and other hacks -- I'm not sure if pen can do this), but I
thought most spam filters used smtp headers?  I don't run any of my
own email servers, though.

>
> And how does that cope with SSL?
>

I don't think it tries to read into the protocols at all.  HTTPS is
enabled with host1:443 host2:443, so it should just pass it along.

I should also point out that you're really just trading one
application for another since pen could fail and CARP wouldn't notice.
 I would love to see port-level monitoring/kernel-module load
balancing built into NetBSD.  :)

Follow-Ups:
- Re: carp and dead daemon
  - From: Thor Lancelot Simon
- Re: carp and dead daemon
  - From: Emmanuel Dreyfus

References:
- Re: carp and dead daemon
  - From: matthew sporleder
- Re: carp and dead daemon
  - From: Emmanuel Dreyfus

Prev by Date: Re: carp and dead daemon
Next by Date: Re: carp and dead daemon
Previous by Thread: Re: carp and dead daemon
Next by Thread: Re: carp and dead daemon
Indexes:

Home | Main Index | Thread Index | Old Index