Discuss mailing list

[Julian De Marchi <julian AT jdcomputers.com.au>]

heya--

Ever since migrating to the new servers the nearest server plugin on the
main site has not worked. After some heavy investigations we found the
root cause to be the load-balancer in use. With the donated funds we
purchased a linode nodebalancer.

The current issue is with the way this nodebalancer does SSL. The
balancer can do the SSL termination itself, but it doesn't support SNI.
Which means we choose only one site to SSL behind the LB and terminate
the rest at the real host. So currently we're just passing TCP through,
which means the REAL_IP gets dropped and replaced with that of the LB.
Using HTTPS in the balancer means the header gets through.

The complications enter. We need to at a minimum SSL LB the wiki and the
main site.

This is it for now on the progress. We're currently discussing methods
to get around this. Just thought it'd be good to get an update "out there".

--julian