webmail 50-50% load balance not working.

jayesh nginx-forum at nginx.us
Sat Jul 9 14:33:41 MSD 2011 

Hi All , 

I have mail server with SquirrelMail as webmail with busy traffic with
login / logout . My aim is to do the load balancing  of 50-50% and
reduce the load.  For this I have created  the following  test setup in
LAN. 

The nginx-0.8.33.tar.gz is compiled as  ./configure
--with-http_ssl_module

Webmail Interface :-- 192.168.30.200
back end webmail  :-- 192.168.30.221 ( apache ) 
back end webmail  :-- 192.168.30.222 ( apache ) 
mail server IP         :-- 192.168.1.223
webmail URL         :-- http://webmail.exampledomain.com  &
https://webmail.exampledomain.com

My problem :--
---------------

1) When  "ip_hash" is not mention in below config then the request of 
http://webmail.exampledomain.com get divert 50-50% to internal mail
server. But when I login with email id  and password and hit enter then 
I am getting logout immediately.  I am able to see successfully login
request on server. 

i.e for webmail login  load balance is not working in my case.

2) when "ip_hash" is mention then  http://webmail.exampledomain.com
divert to only one server and I am able to login and check my mails. 
When I stop one of the apache then the request get divert to other
server and I am able to login. 

That is here its work properly But I also observed  that when "ip_hash"
is mention the load balance of 50-50% is not working. 


My query :--
-----------
1) How to get 50-50% load balancing with webmail where login and logout
happen ?
2) Is there any extra option need to add in config ?
3) Is the below config is correct. 

My nginx.conf  config part :--
--------------------------------

upstream backend {
 ip_hash;
  server 192.168.30.221:80;
  server 192.168.30.222:80;
}

upstream secure {
  ip_hash;
  server 192.168.30.221:443;
  server 192.168.30.222:443;
}

server {
  listen 80;
  server_name  webmail.exampledomain.com;
  location / {
    proxy_set_header  X-Real-IP  $remote_addr;
    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_max_temp_file_size 0;
    proxy_pass http://backend;
} 

} 

server {
 listen 443;
  ssl on;
  ssl_certificate /etc/ssl/ssl.pem/webmail.exampledomain.com.crt;
  ssl_certificate_key /etc/ssl/ssl.pem/webmail.exampledomain.com.key;
  server_name webmail.exampledomain.com
  ssl_session_timeout  90m;
  ssl_protocols  SSLv2 SSLv3 TLSv1;
  ssl_ciphers 
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
  ssl_prefer_server_ciphers   on;

  location / {
    proxy_set_header  X-Real-IP  $remote_addr;
    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_max_temp_file_size 0;
    proxy_pass https://secure;

----x----x---x-----x----x----x------

Regards
Jayesh Shinde

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,212039,212039#msg-212039

More information about the nginx mailing list