Hi, > You're misunderstanding outgoing interface and bound IP address. > > when using "source x.x.x.x", haproxy will use the NIC which hosts the > IP address x.x.x.x to try to reach the server. > then your kernel will pick up the main IP address configured on the > corresponding nic, that's why it works when you have one IP per NIC > but it doesn't work when you have many aliases.
Ho, ok, thanks for the explanation. > To make it work in both cases, simply use "source 0.0.0.0 usesrc > x.x.x.x", that way, HAProxy will let the kernel to choose the right > outgoing NIC but will tell the kernel which IP to bind to when > connecting to the remote server. Aaand ... my old kernel (2.6.25) doesn't support transparent proxy. 'usesrc' not allowed here because support for TPROXY was not compiled in. I tried to force USE_TPROXY=1, but it doesn't change anything (and the compiler doesn't show any error, is it normal ?) We will have to do a major upgrade of our load balancing system ... Thanks a lot ! Neri
