
I have created a load balancer in the cloud with backend servers running FreeIPA.
When I try to run:

$ ldapsearch -x -H ldap://<IP-ADDRESS> -b "dc=example,dc=com"
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

However, it's possible to contact each of the servers:

$ ldapsearch -x -H ldap://<NODE1-ADDRESS> -b "dc=example,dc=com"
# extended LDIF
#
# LDAPv3
...

$ ldapsearch -x -H ldap://<NODE2-ADDRESS> -b "dc=example,dc=com"
# extended LDIF
#
# LDAPv3
...

In theory, shouldn't I be able to run the command ldapsearch -x -H ldap://<IP-ADDRESS> -b "dc=example,dc=com"?

EDIT: What LB configuration has been done from my side
The servers and the load balancer can be found in the same subnet

Security Rules (Traffic allowed):

  • Ingress: 22, 53, 80, 88, 389, 636, 443
  • Egress: All

Backend/Backend sets:

  • Server: Node1 Port: 389
  • Server: Node2 Port: 389
  • Server: Node1 Port: 636
  • Server: Node2 Port: 636

Listeners

  • Server: Node1 Port: 389
  • Server: Node2 Port: 389
  • Server: Node1 Port: 636
  • Server: Node2 Port: 636

Health checks:

  • Health checking TCP port 389/636.
N. J
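`Can't contact LDAP server (-1)` is reported both when the TCP connection fails and when the connection is dropped before a bind response arrives, so it does not say which stage failed. As an added example that is not part of the original post, this probe sends the same anonymous simple bind as `ldapsearch -x` and reports how far it gets, so the load balancer address can be compared with each node; `probe_ldap` and its stage names are hypothetical, and it assumes plain LDAP (port 389, no TLS) and short-form BER lengths in the reply.

```python
import socket

# LDAPv3 anonymous simple bind (what `ldapsearch -x` sends), BER-encoded:
# SEQUENCE { messageID 1, BindRequest { version 3, name "", simple "" } }
ANON_BIND = bytes.fromhex("300c020101600702010304008000")


def probe_ldap(host, port=389, timeout=3.0):
    """Return (stage, detail) describing how far an LDAP connection gets."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return ("tcp_timeout", "connect timed out")
    except OSError as exc:
        return ("tcp_refused", str(exc))
    with sock:
        try:
            sock.sendall(ANON_BIND)
            reply = sock.recv(4096)
        except socket.timeout:
            return ("no_reply", "TCP accepted, bind request never answered")
        except OSError as exc:
            return ("reset", str(exc))
    if not reply:
        return ("closed", "TCP accepted, then closed without an LDAP reply")
    # Assumes short-form BER lengths, which holds for a small BindResponse:
    # 30 LL 02 01 01 61 LL 0a 01 <resultCode> ...
    if len(reply) >= 10 and reply[0] == 0x30 and reply[5] == 0x61 and reply[7] == 0x0A:
        return ("ldap_bind", "resultCode=%d" % reply[9])
    return ("not_ldap", reply[:16].hex())


if __name__ == "__main__":
    import sys
    # Usage: python probe.py <IP-ADDRESS>:389 <NODE1-ADDRESS>:389 ...
    for target in sys.argv[1:]:
        host, _, port = target.partition(":")
        print(target, *probe_ldap(host, int(port or 389)))
```

A stage of `tcp_timeout` or `tcp_refused` for the load balancer address points at the listener or the security rules, while `closed`, `reset` or `no_reply` means the listener accepted the connection but no backend answered the bind.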