2

I have two debian 6 servers running keepalived 1.1.20 with one server acting as a Master and the other as a Backup. Both servers host apache 2.4 that have a global Listener on all interfaces on port 80 (Listen *:80) how ever I have some sites that require a listener for port 443 (SSL) and that is configured for each VirtualHost in the Apache config since I do not want every VirtualHost to listen on port 443.

The problem is when I try to start Apache on the Backup machine that does not hold the virtual interface the VirtualHost is supposed to be listening on, I get AH00072: make_sock: could not bind to address 1.1.1.1:443. I know this is expected behavior of Apache.

The real question is are there any known workarounds or solutions to this scenario?

user9517
  • 115,471
  • 20
  • 215
  • 297
davideagle
  • 33
  • 1
  • 6

1 Answers1

4

You can use the following command as root:

# echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind

This enables your applications to be able to bind to an address which doesn't belong to a device on your system. You can set this in /etc/sysctl.conf to make it permanent.

Khaled
  • 36,533
  • 8
  • 72
  • 99
  • This is certainly a very elegant solution, but I'd like to add that keepalived can also be configured to run scripts when a state transition occurs. This allows for any kind of changes to the services running on a server. See the `notify` commands in `keepalived(5)`. – Oliver Apr 30 '12 at 16:40