Hi Jeff,
On Sat, Mar 07, 2009 at 07:03:15PM +0800, Jeffrey 'jf' Lim wrote:
> Woohoo!! :) thanks, Willy, for the work. Seems like a really great
> list of stuff there.
>
> Especially love the "HTTP invalid request and response captures per
> frontend/backend" feature - I would definitely love to be able to see
> what we're getting over here where we use haproxy....
It's really useful. Many people have wasted a lot of time with traffic
captures trying to catch an anomaly, while haproxy knows when there is
an error, so simplifies the troubleshooting a lot to only capture errors.
Also, now I see what people send in their attacks ;-)
Probably that the feature will be improved so that we can decide by
configuration what type of errors should cause the request/response
to be captured.
> One question if u dont mind - session rate limiting on frontends -
> what's the use case for this?
There are several use cases :
- you can limit the request rate on a fragile server which has a
dedicated frontend (eg: a local search engine)
- if you're hosting several customer sites on your own infrastructure,
you may want to limit each of them to a reasonable load so that none
of them consumes all the CPU resources
- you can limit incoming mail rate to protect your SMTP relays,
especially when you have anti-virus and anti-spam forking like mad
under load (I've done that here at home to protect my poor old vax).
- it can help protecting your servers against DoS attacks.
I'm sure other people will find smarter ideas and usages ;-)
Regards,
Willy
