LiteSpeed Technologies
Read More

DOCUMENTATION

Configuration

Concepts

Here are some basic concepts you should know before going into the detail of the configuration.

  • Cluster

    • A cluster is a group of backend servers that provide the same type of service. Each server is called a "cluster node", or just a "node". A load balancer will distribute requests to cluster nodes based on a set of rules. Usually, even distribution is preferred. A LiteSpeed Load Balancer can be used to service as many clusters as you want.

  • Virtual Host

    • LiteSpeed Load Balancer can be used to load balance for multiple web sites (virtual hosts) which sit on different clusters.

  • Listener

    • A listener in LiteSpeed Load Balancer is a server socket that listens on specific IP address and TCP port.

    For each listener, an IP address and a port number need to be specified. IP address can be any valid local IP address or the wild card IP that refers to all the available IP address on that machine. Port is an integer number between 0 and 65535. Official port for HTTP is 80, for HTTPS is 443. However, other ports can be used too. On UNIX machine, only super user "root" has permission to use ports below 1024.

    Only one listener is allowed for each IP and port combination. Thus if a listener is configured on one port with the wild card IP address, it is not allowed to configure another listener on the same port, even only with one particular IP. For example, if there is multiple IP address on the load balancer machine, HTTP traffic needs to be allowed on port 8080 for all IP address, it can be configured in two ways: to set up only one listener using the wild card IP (*) and port 8080; or to set up multiple listeners, with each one using a particular IP and port 8080. These two methods cannot be mixed on the same port.

    There are two types of listeners in LiteSpeed load balancer: plain and secure (SSL). Each secure listener requires a pair of SSL private Key and SSL certificate. The private key can be generated with SSL toolkit like OpenSSL. The SSL certificate can be self signed or obtained from SSL certificate issuer like VeriSign or Thawte. Same private key and certificate pair can be shared among multiple listeners.


  • Listener to Virtual Host Mapping

    • Every listener has a virtual host lookup table. The data in the lookup table are key/value pairs. The key is a domain name for that virtual host; the value is the virtual host itself.

    Here is how it works:

    1. The end user enters a URL in browser
    2. The browser sends a DNS lookup request using the URL's domain name to get the IP address of the load balancer
    3. The browser sends a request to establish a TCP connection with the load balancer on the specific IP and port (a listener)
    4. After the connection is established, the browser sends an HTTP request including the domain name information of the web site.
    5. When the load balancer receives the request, the lookup table associated with that listener will be searched against the domain name in the request. If a match is found, the request will be routed to that virtual host for processing.
    6. The load balancer will then receive the response from the virtual host on a cluster node and send back to the client's browser.

    It is exactly how name based virtual hosting works; IP based virtual hosting is a special case of it.

    In order to make a virtual host accessible through a specific listener, you must make sure:

    1. DNS must be configured properly to map the domain name of the web site to the IP used by that listener. How to configure DNS is beyond the scope of this document.
    2. The mapping to the virtual host on that domain name must exist in the listener's lookup table.

    A catchall virtual host can be specified for one listener with wild card domain name "*". When server cannot find a matching virtual host, the request will be routed to the catchall virtual host. If there is no such catchall virtual host configured, the load balancer will return error code 404.

    Our design of Listener to Virtual Host Mapping provides ultra flexibility, which allows

    • mapping one listener to one virtual host.
    • mapping one listener to different virtual hosts on different domain names.
    • mapping multiple listeners to same virtual host.
    • mapping multiple listeners to multiple virtual hosts on their respective domain names.

    Since a SSL certificate is bundled with a listener, if a virtual host requires a dedicated certificate, a dedicated SSL listener must be created for that virtual host. In other words, that virtual host must be an IP based virtual host.