I think what you need is a stick-table and peers setup. https://www.haproxy.com/blog/emulating-activepassing-application-clustering-with-haproxy/
Sent from Nine<http://www.9folders.com/> ________________________________ From: Dave Hall <kdh...@binghamton.edu> Sent: Monday, October 19, 2020 11:38 PM To: HAProxy Subject: IP binding and standby health-checks Hello, I'm new to this list and somewhat new to HAProxy. Before posting I scanned the archives and found a thread from 2015 that seems to apply to my situation: IP binding and standby health-checks https://www.mail-archive.com/haproxy@formilux.org/msg18728.html The specifics of our setup: * HAProxy Active/Standby pair using keepalived and a virtual IP. * Load balance SSH connections to a group of user access systems (long-running Layer 4 connections). * Using Fail2Ban to protect against password attacks, so using send-proxy-v2 and go-mmproxy to present client IP to target servers. Our objective is to preserve connections through a fail-over. It would seem that it is necessary to use the virtual IP as the source address for connections to the target servers. The problem, though, is how get get HAProxy not to use the virtual IP for health checks. Since the HAProxy code-base has likely evolved since 2015 I'd like to know the current recommended approach for this situation. Thanks. -Dave -- Dave Hall Binghamton University ________________________________ Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error.
