The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Activate licensing in a failover scenario

Discussion in 'General Discussion' started by koda, Oct 8, 2015.

  1. koda

    koda Well-Known Member

    Joined:
    Jan 10, 2014
    Messages:
    57
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    We have 2 servers with IPs 1.2.3.4 and 80.81.82.83 which will be facing the internet through a proxy with a single different IP: 200.201.202.203
    So all traffic will be directed to this last IP (200...) and that server will then direct traffic to one of the two servers, based on a failover scenario. If the master 1.2.3.4 is down, the proxy will redirect to the slave 80.81.82.83
    We bought a Cpanel license and connected it to the IP 200.201.202.203 that will be the public gateway, but trying to login to cpanel or WHM gives the "cannot login... IP changed" error.
    How can we solve this? If we buy 2 licenses for 1.2.3.4 and 80.81.82.83, those servers will be reached only by the third IP (200..) in any case.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,774
    Likes Received:
    663
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    The licensed IP needs to be the IP address the server makes outgoing connections from. For instance, it's the IP address that's output when you run this command from the server:

    Code:
    lynx -dump http://www.cpanel.net/showip.cgi
    Thank you.
     
  3. koda

    koda Well-Known Member

    Joined:
    Jan 10, 2014
    Messages:
    57
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Thank you Michael you are kind as always. So in our scenario we should get 2 licenses for 1.2.3.4 and 80.81.82.83 even if the public "incoming" requests IP will be only one 200.201.202.203.
    Also does cpanel experience any issue in a load balanced scenario? I mean if requests come through 200.201.202.203 but then are routed to 1.2.3.4 (our is not a proper load balancing but rather a failover scenario but there is a proxy in front the same).
    Because I saw several access denied looking at network activity for the images and js/css files that are called from cpanel admin web page for example always on 200.201.202.203. The other guy working on it thught CPanel may have issues in this scenario since we had this "cannot login... IP changed" error and several 401 errors for static resources on CPanle/WHM admin pages (for css/js/images)

    EDIT: We seem to have identified the issue in being that the proxy ahead of the two real servers, act as a reverse proxy, randomizing user requests among 2-3 IPs... (Totaluptime.com Cloud Load Balancing service). How could we overcome this in CPanel? Also it comes to my mind that addons like CPHulk blocking features should be disabled since every request comes as 2-3 IPs always and so all the various rate limits for IP. Or is there a way to tell WHM/CPanel to read the IP from an header for example (since we can customize this in the proxy to supply the original IP through an header). Does anyone have any experience on this scenario (reverse proxy in front of CPanel). Thanks in advance. We are using those as mail servers only (+ webmail)
     
    #3 koda, Oct 8, 2015
    Last edited: Oct 8, 2015
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,774
    Likes Received:
    663
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. koda

    koda Well-Known Member

    Joined:
    Jan 10, 2014
    Messages:
    57
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Thank you Michael,
    since we'll be using those as mail servers only I think there will be major issues with black lists checks/spamassassin or CPHulk or everything else iP based, until a major tech renew will be implemented for reverse proxies and all the other application involved (like for example the proxy protocol or such).
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,774
    Likes Received:
    663
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page