diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-02-26 13:58:32 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-02-26 13:58:32 +0000 |
| commit | 8555e15060c1d4091d4b3b6f330471caa95c51f5 (patch) | |
| tree | edd0d8f1d1417d8f41fe998370b2e6bda17a47c1 /etc | |
| parent | ed6e6614f3fb6770c09fba3473fb6fb39c63439c (diff) | |
add an relay example
ok pyr@
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/hoststated.conf | 28 | ||||
| -rw-r--r-- | etc/relayd.conf | 28 |
2 files changed, 54 insertions, 2 deletions
diff --git a/etc/hoststated.conf b/etc/hoststated.conf index c6a251dbddb..ed3c66fcc1b 100644 --- a/etc/hoststated.conf +++ b/etc/hoststated.conf @@ -1,4 +1,4 @@ -# $OpenBSD: hoststated.conf,v 1.3 2007/02/26 13:04:34 pyr Exp $ +# $OpenBSD: hoststated.conf,v 1.4 2007/02/26 13:58:31 reyk Exp $ # # Macros # @@ -10,6 +10,7 @@ webhost2="10.0.0.2" # # interval 10 # timeout 200 +# prefork 5 # # Each table will be mapped to a pf table. @@ -39,3 +40,28 @@ service www { table webhosts backup table fallback } + +# +# Relays and protocols are used for Layer 7 loadbalancing +# +protocol httpssl { + protocol http + append "$REMOTE_ADDR" to "X-Forwarded-For" + append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" + change "Connection" to "close" + + # Various TCP performance options + tcp { nodelay, sack, socket buffer 65536, backlog 128 } + +# ssl { no sslv2, sslv3, tlsv1, ciphers HIGH } +# ssl session cache disable +} + +relay wwwssl { + # Run as a SSL accelerator + listen on 192.168.1.1 port 443 ssl + protocol httpssl + + # Forward to hosts in the webhosts table using a src/dst hash + table webhosts loadbalance +} diff --git a/etc/relayd.conf b/etc/relayd.conf index 52eb13b942c..21cad067177 100644 --- a/etc/relayd.conf +++ b/etc/relayd.conf @@ -1,4 +1,4 @@ -# $OpenBSD: relayd.conf,v 1.3 2007/02/26 13:04:34 pyr Exp $ +# $OpenBSD: relayd.conf,v 1.4 2007/02/26 13:58:31 reyk Exp $ # # Macros # @@ -10,6 +10,7 @@ webhost2="10.0.0.2" # # interval 10 # timeout 200 +# prefork 5 # # Each table will be mapped to a pf table. @@ -39,3 +40,28 @@ service www { table webhosts backup table fallback } + +# +# Relays and protocols are used for Layer 7 loadbalancing +# +protocol httpssl { + protocol http + append "$REMOTE_ADDR" to "X-Forwarded-For" + append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" + change "Connection" to "close" + + # Various TCP performance options + tcp { nodelay, sack, socket buffer 65536, backlog 128 } + +# ssl { no sslv2, sslv3, tlsv1, ciphers HIGH } +# ssl session cache disable +} + +relay wwwssl { + # Run as a SSL accelerator + listen on 192.168.1.1 port 443 ssl + protocol httpssl + + # Forward to hosts in the webhosts table using a src/dst hash + table webhosts loadbalance +} |