Forum OpenACS Q&A: Re: Using Pound for loadbalancing on three Public IPs

Collapse
2: Re: Using Pound for loadbalancing on three Public IPs (response to 1)
Posted by Gustaf Neumann on 07/05/07 10:48 AM
If i understand correctly, you want to run a "reverse" reverse proxy configuration (i.e. a failsafe proxy configuration). In the HTTP case, when your internal clients connect to 192.168.0.10:80, they will be redirected to some random provider server on port 80. But what happens there? Most probably, your internal clients will see randomly one of the three providers homepages, which is not what you want.

It should be possible to configure pound as a ordinary proxy in your clients and let pound connect to one the proxies of the three providers (most likely on a port different to 80). This could work, but we use pound only in the true reverse case.

not sure, if this helps.
-gustaf

Collapse
3: Re: Using Pound for loadbalancing on three Public IPs (response to 2)
Posted by Vinod VB on 07/06/07 04:41 AM
Thank you Gustaf Neumann. Your reply was really helpful and based on it, I redesigned my net configuration for failsafe working using Pound & Squid which is given below.

Public IPs ( Gateways from three different ISPs)

1) 63.34.54.67
2) 56.34.67.23
3) 62.45.67.34

I configure Squid on each gateway server as Proxy.

SERVER1: NIC1 - 63.34.54.67, NIC2 - 192.168.0.10, Squid listen on 192.168.0.10:8080 and use public IP 63.34.54.67.

SERVER2: NIC1 - 56.34.67.23, NIC2 - 192.168.0.20, Squid listen on 192.168.0.20:8080 and use public IP 56.34.67.23.

SERVER3: NIC1 - 62.45.67.34, NIC2 - 192.168.0.30, Squid listen on 192.168.0.30:8080 and use public IP 62.45.67.34.

Now, I configure Pound on SERVER4, IP 192.168.0.40, and all clients connect to that IP 192.168.0.40.

ListenHTTP
Address 192.168.0.40
Port 80

Service
BackEnd
Address 192.168.0.10
Port 8080
End
End

Service
BackEnd
Address 192.168.0.20
Port 8080
End
End
Service
BackEnd
Address 192.168.0.30
Port 8080
End
End
End

Do you think it is workable configuration? Will it keep all connections from clients to internet, including ssl & RDP sections, alive even if the Gateway through which it is connected currently fails? Please help.