Re: Problem: host header keeps the IP of the HAProxy server
Hi Cyril,
I seem to be having luck with simply replacing the Virtual IP to 127.0.0.1,
I will test it further. thanks again!!
On Sun, Aug 14, 2011 at 6:16 PM, Cyril Bonté wrote:
> Le Sunday 14 August 2011 13:31:57, Ran S a écrit :
> > Hi Cyril,
> >
> > I see, thanks for that.
> > So, will the correct way be to configure two different backends and
> include
> > the reqrep for each one of them.
> > But how will I get the listen or frontend node to load balance between
> two
> > different backend nodes? I can't find the configuration to do that... is
> it
> > possible?
>
> Well, haproxy is not designed to load balance between backends, but there
> are
> several workarounds (some of them are less elegant than the others).
>
> For your issue, I don't know all about your configuration so maybe it won't
> work, but first, can you check if you can unconditionally replace the Host
> header with 127.0.0.1 ? Maybe that could do the trick.
> reqrep ^Host:\ 172.31.0.103 Host:\ 127.0.0.1
>
> One other workaround is to decide to not load balance but switch to a
> second
> backend under certain conditions (for example when the first backend
> exceeds a
> # of connections).
>
> frontend http-in
> bind :80
>mode http
> option httpclose
>
> use_backend backend2 if { be_conn(backend1) gt 100 }
> default_backend backend1
>
> backend backend1
> mode http
>
> reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.104
> server node1 172.31.0.104:85
>
> backend backend2
> mode http
>
> reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.118
> server node2 172.31.0.118:85
>
> Another solution is to add a second level of proxies in haproxy :
>
> listen http-in
> bind :80
> mode http
> option httpclose
>
> server pnode1 127.0.0.1:8104
> server pnode2 127.0.0.1:8118
>
> listen proxy104
> bind 127.0.0.1:8104
> mode http
> option httpclose
>
> reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.104
> server node1 172.31.0.104:85
>
> listen proxy118
> bind 127.0.0.1:8118
> mode http
> option httpclose
>
> reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.118
> server node2 172.31.0.118:85
>
> This is just some ideas (not tested), or you can try to add some conditions
> directly in your apache configuration.
>
> Hope this helps.
>
> --
> Cyril Bonté
>
Re: Problem: host header keeps the IP of the HAProxy server
Le Sunday 14 August 2011 13:31:57, Ran S a écrit :
> Hi Cyril,
>
> I see, thanks for that.
> So, will the correct way be to configure two different backends and include
> the reqrep for each one of them.
> But how will I get the listen or frontend node to load balance between two
> different backend nodes? I can't find the configuration to do that... is it
> possible?
Well, haproxy is not designed to load balance between backends, but there are
several workarounds (some of them are less elegant than the others).
For your issue, I don't know all about your configuration so maybe it won't
work, but first, can you check if you can unconditionally replace the Host
header with 127.0.0.1 ? Maybe that could do the trick.
reqrep ^Host:\ 172.31.0.103 Host:\ 127.0.0.1
One other workaround is to decide to not load balance but switch to a second
backend under certain conditions (for example when the first backend exceeds a
# of connections).
frontend http-in
bind :80
mode http
option httpclose
use_backend backend2 if { be_conn(backend1) gt 100 }
default_backend backend1
backend backend1
mode http
reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.104
server node1 172.31.0.104:85
backend backend2
mode http
reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.118
server node2 172.31.0.118:85
Another solution is to add a second level of proxies in haproxy :
listen http-in
bind :80
mode http
option httpclose
server pnode1 127.0.0.1:8104
server pnode2 127.0.0.1:8118
listen proxy104
bind 127.0.0.1:8104
mode http
option httpclose
reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.104
server node1 172.31.0.104:85
listen proxy118
bind 127.0.0.1:8118
mode http
option httpclose
reqrep ^Host:\ 172.31.0.103 Host:\ 172.31.0.118
server node2 172.31.0.118:85
This is just some ideas (not tested), or you can try to add some conditions
directly in your apache configuration.
Hope this helps.
--
Cyril Bonté
Re: Problem: host header keeps the IP of the HAProxy server
Hi Cyril,
I see, thanks for that.
So, will the correct way be to configure two different backends and include
the reqrep for each one of them.
But how will I get the listen or frontend node to load balance between two
different backend nodes? I can't find the configuration to do that... is it
possible?
Thanks
2011/8/14 Cyril Bonté
> Hi all,
>
> Le Sunday 14 August 2011 10:19:04, Ran S a écrit :
> > I don't know what's going on, this doesn't seem to work.
> >
> > With this configuration the header gets changed:
> > backend test_servers
> > server 118 172.31.0.118:85 id 118
> > reqrep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118
> >
> > But once I add the IF, it breaks and the header does not get changed!
> > backend imp_servers
> > server 118 172.31.0.118:85 id 118
> > reqrep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118 if { srv_id 118
> }
> >
> >
> > What am I doing wrong?
>
> reqrep can't be used with the "srv_id" acl : the server is only known late
> in
> the request processus, after the headers manipulation, which makes your
> condition never match.
> Sorry to say that you can't do it like this.
>
> --
> Cyril Bonté
>
Re: Problem: host header keeps the IP of the HAProxy server
Hi all,
Le Sunday 14 August 2011 10:19:04, Ran S a écrit :
> I don't know what's going on, this doesn't seem to work.
>
> With this configuration the header gets changed:
> backend test_servers
> server 118 172.31.0.118:85 id 118
> reqrep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118
>
> But once I add the IF, it breaks and the header does not get changed!
> backend imp_servers
> server 118 172.31.0.118:85 id 118
> reqrep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118 if { srv_id 118 }
>
>
> What am I doing wrong?
reqrep can't be used with the "srv_id" acl : the server is only known late in
the request processus, after the headers manipulation, which makes your
condition never match.
Sorry to say that you can't do it like this.
--
Cyril Bonté
Re: Problem: host header keeps the IP of the HAProxy server
I don't know what's going on, this doesn't seem to work.
With this configuration the header gets changed:
backend test_servers
server 118 172.31.0.118:85 id 118
reqrep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118
But once I add the IF, it breaks and the header does not get changed!
backend imp_servers
server 118 172.31.0.118:85 id 118
reqrep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118 if { srv_id 118 }
What am I doing wrong?
Thanks
2011/8/11 Hervé COMMOWICK
> reqrep if { srv_id }
>
> server's id can be forced with "id" keyword if needed
>
> Regards,
>
> Hervé.
>
> On Thu, 11 Aug 2011 13:22:36 +0300
> Ran S wrote:
>
> > Well, I have no idea if this mailing list is active, as I have gotten
> > no response, but I'll give it another try.
> >
> > I managed to change the Host header using ReqRep successfully.
> >
> > However, now I am in a state where one of the backends need this
> > change, and the other one doesn't.
> > How would I go about configuring this?
> >
> > If I put the two backends under one backend node, they both get the
> > ReqRep parameter, and then one of the servers can't work with the
> > replaced host header.
> > If I put them in two backend nodes, how can I get the frontend node to
> > balance between the two? this appears to be the correct way but I
> > can't find the right command.
> >
> > Thanks
> >
> > On Wed, Aug 10, 2011 at 5:00 PM, Ran S wrote:
> >
> > > Hello all,
> > >
> > > I am trying to use HAProxy for the following configuration:
> > > Two Linux servers (node1, node2) running apache (on port 85) and
> > > squid and acting as Proxy servers to the Internet
> > > I installed HAProxy on node1, and configured it to listen to port
> > > 80, and have the backends in their respective apache port 85.
> > >
> > > While node1 is the only active server in the backend servers list,
> > > I can make a request to node1:80 and it will be successfully
> > > redirected to the apache port and returned to me.
> > >
> > > However while node2 is the only active backend server, this flow
> > > will fail and I will simply get a blank page with HTTP 200.
> > > I think I know why that is. when sniffing on node1, I can see the
> > > following request flow:
> > >
> > > 1. My browser making web the request to node1:80
> > > 2. Node1 making the request to node2.
> > > But, this is where the problem comes in.
> > > The source IP is node1
> > > The Destination IP is node2
> > > However the Host in this request is the node1 IP address
> > >
> > > So, since node2 backend server is actually a proxy server, it will
> > > take the IP address from the Host header it received and make a
> > > request to node1 (since it has it in the request's Host header) and
> > > the failure will come in.
> > >
> > > So I guess what I'm asking is what would be the correct option to
> > > use in HAproxy in order to have this set up the right way.
> > >
> > > I copied the configuration file from one of the examples and
> > > trimmed it down to the very basic so I can eliminate anything
> > > that's causing the problems, so here it is:
> > >
> > > *global*
> > > *daemon*
> > > *maxconn 256*
> > > *
> > > *
> > > *defaults*
> > > *mode http*
> > > *timeout connect 5000ms*
> > > *timeout client 5ms*
> > > *timeout server 5ms*
> > > *balance roundrobin*
> > > *option forwardfor*
> > > *
> > > *
> > > *frontend http-in*
> > > *bind *:80*
> > > *default_backend servers*
> > > *
> > > *
> > > *backend servers*
> > > *server :85*
> > >
> > >
> > > Many thanks in advance for any help! please let me know if you need
> > > any more information.
> > >
> > > Thanks,
> > > Ran
> > >
> > >
> > >
>
>
>
> --
> Hervé COMMOWICK, EXOSEC (http://www.exosec.fr/)
> ZAC des Metz - 3 Rue du petit robinson - 78350 JOUY EN JOSAS
> Tel: +33 1 30 67 60 65 - Fax: +33 1 75 43 40 70
> mailto:hcommow...@exosec.fr
>
Re: Problem: host header keeps the IP of the HAProxy server
I need some more help on this issue, I lost the working configuration since
I added a Virtual IP to my setup:
As you can see below my machines are 104 (currently running HAProxy) and
118.
I changed the bind in the configuration, in order for HAProxy to bind to a
virtual IP (I'm in the middle of trying to setup dual HAProxy for redundancy
via a Virtual IP).
frontend http-in
bind 172.31.0.103:80
But now, the reqirep rule that changed Host: 172.31.0.104 to 172.31.0.118
does not work.
I am making the request to the Virtual IP (172.31.0.103) and it stays in the
Host header when its sent to the backend.
backend test_servers
server 118 172.31.0.118:85 id 118
reqirep ^Host:\ 172.31.0.103 Host:\ 172.31.0.118 if { srv_id 118 }
server 104 172.31.0.104:85 id 104
reqirep ^Host:\ 172.31.0.103 Host:\ 172.31.0.104 if { srv_id 104 }
Any ideas?
On Thu, Aug 11, 2011 at 1:53 PM, Ran S wrote:
> Ok got it! many thanks! just had to give the id as an integer instead of a
> name (118), and use srv_id 118
>
>
> On Thu, Aug 11, 2011 at 1:45 PM, Ran S wrote:
>
>> Many thanks for your help! it seems that this is the correct way, but I
>> get a parsing error when checking the file in every possible syntax I could
>> come up with
>>
>> frontend http-in
>> bind 172.31.0.104:80
>> default_backend test_servers
>>
>> backend test_servers
>> server 118 172.31.0.118:85
>> reqirep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118 if {srv_id
>> imp118}
>> server 104 172.31.0.104:85
>>
>> Can you tell me the correct syntax?
>>
>> 2011/8/11 Hervé COMMOWICK
>>
>>> reqrep if { srv_id }
>>>
>>> server's id can be forced with "id" keyword if needed
>>>
>>> Regards,
>>>
>>> Hervé.
>>>
>>> On Thu, 11 Aug 2011 13:22:36 +0300
>>> Ran S wrote:
>>>
>>> > Well, I have no idea if this mailing list is active, as I have gotten
>>> > no response, but I'll give it another try.
>>> >
>>> > I managed to change the Host header using ReqRep successfully.
>>> >
>>> > However, now I am in a state where one of the backends need this
>>> > change, and the other one doesn't.
>>> > How would I go about configuring this?
>>> >
>>> > If I put the two backends under one backend node, they both get the
>>> > ReqRep parameter, and then one of the servers can't work with the
>>> > replaced host header.
>>> > If I put them in two backend nodes, how can I get the frontend node to
>>> > balance between the two? this appears to be the correct way but I
>>> > can't find the right command.
>>> >
>>> > Thanks
>>> >
>>> > On Wed, Aug 10, 2011 at 5:00 PM, Ran S wrote:
>>> >
>>> > > Hello all,
>>> > >
>>> > > I am trying to use HAProxy for the following configuration:
>>> > > Two Linux servers (node1, node2) running apache (on port 85) and
>>> > > squid and acting as Proxy servers to the Internet
>>> > > I installed HAProxy on node1, and configured it to listen to port
>>> > > 80, and have the backends in their respective apache port 85.
>>> > >
>>> > > While node1 is the only active server in the backend servers list,
>>> > > I can make a request to node1:80 and it will be successfully
>>> > > redirected to the apache port and returned to me.
>>> > >
>>> > > However while node2 is the only active backend server, this flow
>>> > > will fail and I will simply get a blank page with HTTP 200.
>>> > > I think I know why that is. when sniffing on node1, I can see the
>>> > > following request flow:
>>> > >
>>> > > 1. My browser making web the request to node1:80
>>> > > 2. Node1 making the request to node2.
>>> > > But, this is where the problem comes in.
>>> > > The source IP is node1
>>> > > The Destination IP is node2
>>> > > However the Host in this request is the node1 IP address
>>> > >
>>> > > So, since node2 backend server is actually a proxy server, it will
>>> > > take the IP address from the Host header it received and make a
>>> > > request to node1 (since it has it in the request's Host header) and
>>> > > the failure will come in.
>>> > >
>>> > > So I guess what I'm asking is what would be the correct option to
>>> > > use in HAproxy in order to have this set up the right way.
>>> > >
>>> > > I copied the configuration file from one of the examples and
>>> > > trimmed it down to the very basic so I can eliminate anything
>>> > > that's causing the problems, so here it is:
>>> > >
>>> > > *global*
>>> > > *daemon*
>>> > > *maxconn 256*
>>> > > *
>>> > > *
>>> > > *defaults*
>>> > > *mode http*
>>> > > *timeout connect 5000ms*
>>> > > *timeout client 5ms*
>>> > > *timeout server 5ms*
>>> > > *balance roundrobin*
>>> > > *option forwardfor*
>>> > > *
>>> > > *
>>> > > *frontend http-in*
>>> > > *bind *:80*
>>> > > *default_backend servers*
>>> > > *
>>> > > *
>>> > > *backend servers*
>>> > > *server :85*
>>> > >
>>> > >
>>> > > Many thanks in advance for any help! please let me know
Re: Problem: host header keeps the IP of the HAProxy server
Ok got it! many thanks! just had to give the id as an integer instead of a
name (118), and use srv_id 118
On Thu, Aug 11, 2011 at 1:45 PM, Ran S wrote:
> Many thanks for your help! it seems that this is the correct way, but I get
> a parsing error when checking the file in every possible syntax I could come
> up with
>
> frontend http-in
> bind 172.31.0.104:80
> default_backend test_servers
>
> backend test_servers
> server 118 172.31.0.118:85
> reqirep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118 if {srv_id
> imp118}
> server 104 172.31.0.104:85
>
> Can you tell me the correct syntax?
>
> 2011/8/11 Hervé COMMOWICK
>
>> reqrep if { srv_id }
>>
>> server's id can be forced with "id" keyword if needed
>>
>> Regards,
>>
>> Hervé.
>>
>> On Thu, 11 Aug 2011 13:22:36 +0300
>> Ran S wrote:
>>
>> > Well, I have no idea if this mailing list is active, as I have gotten
>> > no response, but I'll give it another try.
>> >
>> > I managed to change the Host header using ReqRep successfully.
>> >
>> > However, now I am in a state where one of the backends need this
>> > change, and the other one doesn't.
>> > How would I go about configuring this?
>> >
>> > If I put the two backends under one backend node, they both get the
>> > ReqRep parameter, and then one of the servers can't work with the
>> > replaced host header.
>> > If I put them in two backend nodes, how can I get the frontend node to
>> > balance between the two? this appears to be the correct way but I
>> > can't find the right command.
>> >
>> > Thanks
>> >
>> > On Wed, Aug 10, 2011 at 5:00 PM, Ran S wrote:
>> >
>> > > Hello all,
>> > >
>> > > I am trying to use HAProxy for the following configuration:
>> > > Two Linux servers (node1, node2) running apache (on port 85) and
>> > > squid and acting as Proxy servers to the Internet
>> > > I installed HAProxy on node1, and configured it to listen to port
>> > > 80, and have the backends in their respective apache port 85.
>> > >
>> > > While node1 is the only active server in the backend servers list,
>> > > I can make a request to node1:80 and it will be successfully
>> > > redirected to the apache port and returned to me.
>> > >
>> > > However while node2 is the only active backend server, this flow
>> > > will fail and I will simply get a blank page with HTTP 200.
>> > > I think I know why that is. when sniffing on node1, I can see the
>> > > following request flow:
>> > >
>> > > 1. My browser making web the request to node1:80
>> > > 2. Node1 making the request to node2.
>> > > But, this is where the problem comes in.
>> > > The source IP is node1
>> > > The Destination IP is node2
>> > > However the Host in this request is the node1 IP address
>> > >
>> > > So, since node2 backend server is actually a proxy server, it will
>> > > take the IP address from the Host header it received and make a
>> > > request to node1 (since it has it in the request's Host header) and
>> > > the failure will come in.
>> > >
>> > > So I guess what I'm asking is what would be the correct option to
>> > > use in HAproxy in order to have this set up the right way.
>> > >
>> > > I copied the configuration file from one of the examples and
>> > > trimmed it down to the very basic so I can eliminate anything
>> > > that's causing the problems, so here it is:
>> > >
>> > > *global*
>> > > *daemon*
>> > > *maxconn 256*
>> > > *
>> > > *
>> > > *defaults*
>> > > *mode http*
>> > > *timeout connect 5000ms*
>> > > *timeout client 5ms*
>> > > *timeout server 5ms*
>> > > *balance roundrobin*
>> > > *option forwardfor*
>> > > *
>> > > *
>> > > *frontend http-in*
>> > > *bind *:80*
>> > > *default_backend servers*
>> > > *
>> > > *
>> > > *backend servers*
>> > > *server :85*
>> > >
>> > >
>> > > Many thanks in advance for any help! please let me know if you need
>> > > any more information.
>> > >
>> > > Thanks,
>> > > Ran
>> > >
>> > >
>> > >
>>
>>
>>
>> --
>> Hervé COMMOWICK, EXOSEC (http://www.exosec.fr/)
>> ZAC des Metz - 3 Rue du petit robinson - 78350 JOUY EN JOSAS
>> Tel: +33 1 30 67 60 65 - Fax: +33 1 75 43 40 70
>> mailto:hcommow...@exosec.fr
>>
>
>
Re: Problem: host header keeps the IP of the HAProxy server
Many thanks for your help! it seems that this is the correct way, but I get
a parsing error when checking the file in every possible syntax I could come
up with
frontend http-in
bind 172.31.0.104:80
default_backend test_servers
backend test_servers
server 118 172.31.0.118:85
reqirep ^Host:\ 172.31.0.104 Host:\ 172.31.0.118 if {srv_id
imp118}
server 104 172.31.0.104:85
Can you tell me the correct syntax?
2011/8/11 Hervé COMMOWICK
> reqrep if { srv_id }
>
> server's id can be forced with "id" keyword if needed
>
> Regards,
>
> Hervé.
>
> On Thu, 11 Aug 2011 13:22:36 +0300
> Ran S wrote:
>
> > Well, I have no idea if this mailing list is active, as I have gotten
> > no response, but I'll give it another try.
> >
> > I managed to change the Host header using ReqRep successfully.
> >
> > However, now I am in a state where one of the backends need this
> > change, and the other one doesn't.
> > How would I go about configuring this?
> >
> > If I put the two backends under one backend node, they both get the
> > ReqRep parameter, and then one of the servers can't work with the
> > replaced host header.
> > If I put them in two backend nodes, how can I get the frontend node to
> > balance between the two? this appears to be the correct way but I
> > can't find the right command.
> >
> > Thanks
> >
> > On Wed, Aug 10, 2011 at 5:00 PM, Ran S wrote:
> >
> > > Hello all,
> > >
> > > I am trying to use HAProxy for the following configuration:
> > > Two Linux servers (node1, node2) running apache (on port 85) and
> > > squid and acting as Proxy servers to the Internet
> > > I installed HAProxy on node1, and configured it to listen to port
> > > 80, and have the backends in their respective apache port 85.
> > >
> > > While node1 is the only active server in the backend servers list,
> > > I can make a request to node1:80 and it will be successfully
> > > redirected to the apache port and returned to me.
> > >
> > > However while node2 is the only active backend server, this flow
> > > will fail and I will simply get a blank page with HTTP 200.
> > > I think I know why that is. when sniffing on node1, I can see the
> > > following request flow:
> > >
> > > 1. My browser making web the request to node1:80
> > > 2. Node1 making the request to node2.
> > > But, this is where the problem comes in.
> > > The source IP is node1
> > > The Destination IP is node2
> > > However the Host in this request is the node1 IP address
> > >
> > > So, since node2 backend server is actually a proxy server, it will
> > > take the IP address from the Host header it received and make a
> > > request to node1 (since it has it in the request's Host header) and
> > > the failure will come in.
> > >
> > > So I guess what I'm asking is what would be the correct option to
> > > use in HAproxy in order to have this set up the right way.
> > >
> > > I copied the configuration file from one of the examples and
> > > trimmed it down to the very basic so I can eliminate anything
> > > that's causing the problems, so here it is:
> > >
> > > *global*
> > > *daemon*
> > > *maxconn 256*
> > > *
> > > *
> > > *defaults*
> > > *mode http*
> > > *timeout connect 5000ms*
> > > *timeout client 5ms*
> > > *timeout server 5ms*
> > > *balance roundrobin*
> > > *option forwardfor*
> > > *
> > > *
> > > *frontend http-in*
> > > *bind *:80*
> > > *default_backend servers*
> > > *
> > > *
> > > *backend servers*
> > > *server :85*
> > >
> > >
> > > Many thanks in advance for any help! please let me know if you need
> > > any more information.
> > >
> > > Thanks,
> > > Ran
> > >
> > >
> > >
>
>
>
> --
> Hervé COMMOWICK, EXOSEC (http://www.exosec.fr/)
> ZAC des Metz - 3 Rue du petit robinson - 78350 JOUY EN JOSAS
> Tel: +33 1 30 67 60 65 - Fax: +33 1 75 43 40 70
> mailto:hcommow...@exosec.fr
>
Re: Problem: host header keeps the IP of the HAProxy server
reqrep if { srv_id }
server's id can be forced with "id" keyword if needed
Regards,
Hervé.
On Thu, 11 Aug 2011 13:22:36 +0300
Ran S wrote:
> Well, I have no idea if this mailing list is active, as I have gotten
> no response, but I'll give it another try.
>
> I managed to change the Host header using ReqRep successfully.
>
> However, now I am in a state where one of the backends need this
> change, and the other one doesn't.
> How would I go about configuring this?
>
> If I put the two backends under one backend node, they both get the
> ReqRep parameter, and then one of the servers can't work with the
> replaced host header.
> If I put them in two backend nodes, how can I get the frontend node to
> balance between the two? this appears to be the correct way but I
> can't find the right command.
>
> Thanks
>
> On Wed, Aug 10, 2011 at 5:00 PM, Ran S wrote:
>
> > Hello all,
> >
> > I am trying to use HAProxy for the following configuration:
> > Two Linux servers (node1, node2) running apache (on port 85) and
> > squid and acting as Proxy servers to the Internet
> > I installed HAProxy on node1, and configured it to listen to port
> > 80, and have the backends in their respective apache port 85.
> >
> > While node1 is the only active server in the backend servers list,
> > I can make a request to node1:80 and it will be successfully
> > redirected to the apache port and returned to me.
> >
> > However while node2 is the only active backend server, this flow
> > will fail and I will simply get a blank page with HTTP 200.
> > I think I know why that is. when sniffing on node1, I can see the
> > following request flow:
> >
> > 1. My browser making web the request to node1:80
> > 2. Node1 making the request to node2.
> > But, this is where the problem comes in.
> > The source IP is node1
> > The Destination IP is node2
> > However the Host in this request is the node1 IP address
> >
> > So, since node2 backend server is actually a proxy server, it will
> > take the IP address from the Host header it received and make a
> > request to node1 (since it has it in the request's Host header) and
> > the failure will come in.
> >
> > So I guess what I'm asking is what would be the correct option to
> > use in HAproxy in order to have this set up the right way.
> >
> > I copied the configuration file from one of the examples and
> > trimmed it down to the very basic so I can eliminate anything
> > that's causing the problems, so here it is:
> >
> > *global*
> > *daemon*
> > *maxconn 256*
> > *
> > *
> > *defaults*
> > *mode http*
> > *timeout connect 5000ms*
> > *timeout client 5ms*
> > *timeout server 5ms*
> > *balance roundrobin*
> > *option forwardfor*
> > *
> > *
> > *frontend http-in*
> > *bind *:80*
> > *default_backend servers*
> > *
> > *
> > *backend servers*
> > *server :85*
> >
> >
> > Many thanks in advance for any help! please let me know if you need
> > any more information.
> >
> > Thanks,
> > Ran
> >
> >
> >
--
Hervé COMMOWICK, EXOSEC (http://www.exosec.fr/)
ZAC des Metz - 3 Rue du petit robinson - 78350 JOUY EN JOSAS
Tel: +33 1 30 67 60 65 - Fax: +33 1 75 43 40 70
mailto:hcommow...@exosec.fr
Re: Problem: host header keeps the IP of the HAProxy server
Well, I have no idea if this mailing list is active, as I have gotten no response, but I'll give it another try. I managed to change the Host header using ReqRep successfully. However, now I am in a state where one of the backends need this change, and the other one doesn't. How would I go about configuring this? If I put the two backends under one backend node, they both get the ReqRep parameter, and then one of the servers can't work with the replaced host header. If I put them in two backend nodes, how can I get the frontend node to balance between the two? this appears to be the correct way but I can't find the right command. Thanks On Wed, Aug 10, 2011 at 5:00 PM, Ran S wrote: > Hello all, > > I am trying to use HAProxy for the following configuration: > Two Linux servers (node1, node2) running apache (on port 85) and squid and > acting as Proxy servers to the Internet > I installed HAProxy on node1, and configured it to listen to port 80, and > have the backends in their respective apache port 85. > > While node1 is the only active server in the backend servers list, I can > make a request to node1:80 and it will be successfully redirected to the > apache port and returned to me. > > However while node2 is the only active backend server, this flow will fail > and I will simply get a blank page with HTTP 200. > I think I know why that is. when sniffing on node1, I can see the following > request flow: > > 1. My browser making web the request to node1:80 > 2. Node1 making the request to node2. > But, this is where the problem comes in. > The source IP is node1 > The Destination IP is node2 > However the Host in this request is the node1 IP address > > So, since node2 backend server is actually a proxy server, it will take the > IP address from the Host header it received and make a request to node1 > (since it has it in the request's Host header) and the failure will come in. > > So I guess what I'm asking is what would be the correct option to use in > HAproxy in order to have this set up the right way. > > I copied the configuration file from one of the examples and trimmed it > down to the very basic so I can eliminate anything that's causing the > problems, so here it is: > > *global* > *daemon* > *maxconn 256* > * > * > *defaults* > *mode http* > *timeout connect 5000ms* > *timeout client 5ms* > *timeout server 5ms* > *balance roundrobin* > *option forwardfor* > * > * > *frontend http-in* > *bind *:80* > *default_backend servers* > * > * > *backend servers* > *server :85* > > > Many thanks in advance for any help! please let me know if you need any > more information. > > Thanks, > Ran > > >
