Hi Willy,

Thank you a lot for your help. It is the best support I've ever seen.
Will test 'source' on our environment to see does it helps to resolve the issue.

Alternately, you can use the "source" parameter either on each server
or in the backend to fix a port range. Haproxy will then use an explicit
bind. This is normally used when you want to have more than 64k conns on
multiple servers. But here you could try this :

  source 0.0.0.0:32678-61000
Great! As I understand we can set port range to exclude listening ports and so eliminate such errors? Probably it may be a good workaround. Thank you again for the idea.
Yes, but the range is contiguous, so you cannot puch holes in it.
Tried to configure but have some questions. We have several 'listen' sections with 'server' keyword in our config file (and so there are no 'backend' sections).
A "listen" is in fact the union of a "frontend" and a "backend", so
whatever you're suggested to put in a "backend" will also apply to a
"listen".
1. As I understand 'source' should be put into each of our 'listen' section. Should we divide port ranges between several 'listen' sections or may use the same wide range for all?
It depends if you have some servers in common or not. The system will
always allow multiple outgoing connections to share the same local
source ip:port as long as they don't go to the same destination ip:ports
since a connection is defined by (proto,srcip,sport,dstip,dport).

So if the servers in your "listen" sections are all different, there
is no problem. Otherwise you might indeed have to use separate ranges.
2. Will there be EADDRNOTAVAIL errors if several 'listen' section use the same source port range and two connections choose the same port?

Only if they try to connect to the same destination ip:port. This subject
comes back from time to time in fact. It was planned to work on a per-
destination port range, but this is a bit complex, at least in terms of
configuration, so nothing has been done in this direction yet. This would
allow multiple similar servers from different backends to share the same
source ip:port ranges without ever colliding. But this creates new issues
(resource sharing).


--
Best regards,
 Denis Malyshkin,
Senior C++ Developer
of ISS Art, Ltd., Omsk, Russia.
Mobile Phone: +7 913 669 2896
Office tel/fax +7 3812 396959
Yahoo Messenger: dmalyshkin
Web: http://www.issart.com
E-mail: dmalysh...@issart.com

Reply via email to