Re: Forwarding SSL connections - forwardfor information is missing

From: Willy Tarreau <w#1wt.eu>
Date: Thu, 1 Nov 2007 13:16:55 +0100


On Thu, Nov 01, 2007 at 07:58:45AM -0400, Lauro, John wrote:
> Not ideal for scalability, but you could use round-robin dns for the
> ssl tunnels that then connect to the load balancer via http.

Yes you can, but RRDNS does not provide you with any sort of availability. This works well when combined with BGP or similar features so that you always announce available addresses to your DNS. A very cheap solution can consist of duplicating all your LBs with VRRP and announcing the VIPs to the DNS.

> Depending on the app, you are likely to need far more app servers than
> ssl servers.

Yes, this is generally very true and the gap tends to increase due to the very heavy application servers today which can consume 100 times more CPU cycles to process a small transaction than what is needed to generate an SSL key.

Regards,
Willy

Received on 2007/11/01 13:16
