Security Incidents mailing list archives
Re: Load Balancing Protocol (was Re: your mail)
From: Gregor Binder <gbinder () sysfive com>
Date: Mon, 30 Oct 2000 19:57:09 +0100
Nick Phillips on Mon, Oct 30, 2000 at 10:54:00AM +0000: Hi,
That's why we need some kind of extra protocol. I would envisage that anyone who was worried about the information being sent back would be in a position to run this protocol's "server" at their firewall, which would be returning information as configured by the admin, and if it explicitly said "I ain't telling you", then that should be respected by the loadbalancer, which should not then try to extract information in any other way.
one of the reasons loadbalancing is a technique users like is because it improves service AND is transparent to them. Having to add client- side support doesn't sound like such a great idea to me. Especially if all you need is to determine the best site to respond to a request, you could totally implement this using ICMP, since there is no reason for you to be in contact with the client itself or even exchange useful information with them. If your echo replies are being dropped by a client, they will have to live with a randomly (or round-robin) chosen site that talks to them, but even some sort of reply should help you to make a decent choice. There is no way I'm installing software and open up a port to support loadbalancing :) Regards, Gregor. -- Gregor Binder <gbinder () sysfive com> http://www.sysfive.com/~gbinder/ sysfive.com GmbH UNIX. Networking. Security. Applications. Gaertnerstrasse 125b, 20253 Hamburg, Germany TEL +49-40-63647482
Current thread:
- Re: Load Balancing Protocol (was Re: your mail) Gregor Binder (Nov 01)
- <Possible follow-ups>
- Load Balancing Protocol (was Re: your mail) Crist Clark (Nov 01)