
Re: Multiple ldap servers, ssl, and dns round robin?


I'm not using DNS round robin, but I'm using a loadbalancer.
The loadbalancer will take care of it when one machine goes down.
With DNS round robin some connections get lost because
the machine will still get connections.

My config:
1 Master ldapma.domain.de
2 Slaves ldap(01|02).domain.de
1 loadbalancer ldap.domain.de

Loadbalancing happens between the two slaves.
Administration happens on the master.

Master uses FQDN ldapma.domain.de in ssl cert.
Slaves use FQDN ldap.domain.de in ssl cert.

Clients access ldap.domain.de (the loadbalancer) and the name in the
certs will match the FQDN in the cert.

The problem is the Master can't access each machine
over an SSL connection because the certificate
uses ldap.domain.de and not ldap(01|02).domain.de.
So I used the normal LDAP port (389) for replication
and used SSH tunnels for encryption.

On Wed, Nov 28, 2001 at 02:23:56AM -0600, Terry Davis wrote:
> You are using a single FQDN or hostname to access your LDAP servers
> since they are in DNS round robin, correct?
> Either recreate your certificates to use this single name or change your
> clients and DNS to use the name or FQDN that the certificate expects.

Markus Benning

   /V\     Tel. : +49 9131 7 21713
 /(   )\   Email: Markus.Benning@siemens.com
  ^^-^^    __________________________________
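
Added example, not part of the original message: a simplified model of the TLS hostname check for the topology described above, showing why clients dialling ldap.domain.de verify while the master dialling ldap01/ldap02 does not. The certificate dicts are constructed stand-ins shaped like Python's ssl.getpeercert() output, and the per-slave subjectAltName certificate is an assumption that goes beyond the post (it relies on the connecting client honouring SAN dNSName entries).

```python
# Added illustration. Hostnames come from the post; certificate contents are
# constructed stand-ins, and the matching rules are a simplified RFC 6125 check.

def dns_names(cert):
    """Names a TLS client compares against: SAN dNSName entries, else subject CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern, host):
    """Case-insensitive label match; '*' is allowed only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def cert_valid_for(cert, host):
    return any(name_matches(n, host) for n in dns_names(cert))

def cn_cert(cn):
    return {"subject": ((("commonName", cn),),)}

SLAVE_CERT = cn_cert("ldap.domain.de")     # shared by both slaves, as in the post
MASTER_CERT = cn_cert("ldapma.domain.de")

def slave_san_cert(own_fqdn):
    """Assumption, not from the post: one cert per slave listing both names."""
    return {"subject": ((("commonName", "ldap.domain.de"),),),
            "subjectAltName": (("DNS", "ldap.domain.de"), ("DNS", own_fqdn))}

def check_paths(cert_for_slave):
    """Return {(who, dialled name): verifies?} for each connection path in the post."""
    slaves = ("ldap01.domain.de", "ldap02.domain.de")
    paths = {("client", "ldap.domain.de"):
             all(cert_valid_for(cert_for_slave(s), "ldap.domain.de") for s in slaves)}
    for s in slaves:  # master replicating directly to each slave
        paths[("master", s)] = cert_valid_for(cert_for_slave(s), s)
    return paths

if __name__ == "__main__":
    for label, fn in (("shared CN cert", lambda s: SLAVE_CERT), ("SAN cert", slave_san_cert)):
        for (who, name), ok in check_paths(fn).items():
            print(f"{label:15} {who:6} -> {name:18} {'ok' if ok else 'MISMATCH'}")
```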