resolvers hold valid clarification

2021-09-22 Thread Michał Pasierb 
I would like to clarify how *hold valid* is used by resolvers. I have this
configuration:

resolvers mydns
  nameserver dns1 192.168.122.202:53
  accepted_payload_size 8192

  timeout resolve 5s
  timeout retry   2s
  resolve_retries 3

  hold other  30s
  hold refused120s
  hold nx 30s
  hold timeout10s
  hold valid  1h
  hold obsolete   0s

The *valid* setting is a bit confusing. I can not find good explanation of
it in the documentation. From what I see in the code of version 2.0.25, it
is used only when doing DNS queries in tcp/http path:

http-request do-resolve(txn.myip,mydns,ipv4) str(services.example.com)

only when requests arrive in parallel, I see less queries to DNS servers
than http requests. When requests are done in sequence, I see the same
count of DNS requests as http requests. For example when I send 3000
requests to HAProxy with 3 clients in parallel, there are about 2600
requests to DNS servers.

So it doesn't look like a proper cache to me. Whole HAProxy becomes
unusable 10 seconds (hold timeout) after DNS servers stop responding
because every server which is using DNS SRV record is put to maintenance
state due to resolution error.

Is this proper assessment of current state and is this what was intended ?

Regards,
Michal

Re: HA-Proxy inquiry

2021-09-22 Thread Илья Шипицин 
hello,

there are several tutorials to start with, for example HAProxy version
2.4.0 - Starter Guide (cbonte.github.io)


ср, 22 сент. 2021 г. в 10:16, Lhendup Norbu :

> Dear Sir/Madan,
>
>
>
> I am Lhendup Norbu working in Bank of Bhutan under Data Center Division.
> We want to do POC with the HA proxy load balancer in our environment.
>
> Please guide us on the way forward in HA-Proxy Load Balancer.
>
>
>
>
>
> *Warm Regards*
>
>
>
> Lhendup Norbu
>
> IT Officer, Data Center Division
>
> IT Department
>
> *Bank of Bhutan Limited *
> Data Center, Thimphu : Kingdom of Bhutan
>
> *+975 77281157, IP -0060*
>
> *http://www.bob.bt *
>
>
>
>
> The information in this mail is strictly confidential and is intended
> solely for the addressee(s). Access to this mail by anyone else is
> unauthorized. Copying or further distribution beyond the original
> recipient(s) may be unlawful. Please note that any unauthorized
> addressee(s) needs a specific written consent for further circulation of
> the information(s). Any opinion expressed in this mail is that of sender
> and does not necessarily reflect that of the Bank of Bhutan Limited
>