Re: Transparent TCP LoadBalancing on FreeBSD
Hi ZeN Willy, To use transparent proxying on FreeBSD you currently need to compile with USE_LINUX_TPROXY=yes. And make a few changes to the source code (else it wont compile). As a quick and dirty fix you could (manually?) apply this patch [1]: http://marc.info/?l=haproxym=136700170314757w=2 For the better/cleaner fix this one should be usable [2]: http://marc.info/?l=haproxym=136707895800761w=2 , which is what i would like to get committed to the main HAProxy source tree. @Willy could you take a look at the patch attached to that mail [2] ? Greets, PiBa-NL Op 2-5-2013 5:13, ZeN schreef: Dear Users, sorry if i open new thread, but i really want to solve this problem.. i manage to compile haproxy via port using TPROXY : haproxy -vv HA-Proxy version 1.5-dev18 2013/04/03 Copyright 2000-2013 Willy Tarreau w...@1wt.eu Build options : TARGET = freebsd CPU = generic CC = cc CFLAGS = -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS OPTIONS = USE_TPROXY=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.7 Compression algorithms supported : identity, deflate, gzip Built with OpenSSL version : OpenSSL 0.9.8y 5 Feb 2013 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes but when i started the service with the source 0.0.0.0 usesrc clientip option, the haproxy wont start with this messages: parsing [/usr/local/etc/haproxy.conf:28] : 'usesrc' not allowed here because support for TPROXY was not compiled in. what i should i do to make haproxy compile with transparent option? Rgds ZeN
Re: Transparent TCP LoadBalancing on FreeBSD
Hi PiBa, i will try those patch to day, i will let you know when it done.. TIA On 5/3/13 12:16 AM, PiBa-NL wrote: Hi ZeN Willy, To use transparent proxying on FreeBSD you currently need to compile with USE_LINUX_TPROXY=yes. And make a few changes to the source code (else it wont compile). As a quick and dirty fix you could (manually?) apply this patch [1]: http://marc.info/?l=haproxym=136700170314757w=2 For the better/cleaner fix this one should be usable [2]: http://marc.info/?l=haproxym=136707895800761w=2 , which is what i would like to get committed to the main HAProxy source tree. @Willy could you take a look at the patch attached to that mail [2] ? Greets, PiBa-NL Op 2-5-2013 5:13, ZeN schreef: Dear Users, sorry if i open new thread, but i really want to solve this problem.. i manage to compile haproxy via port using TPROXY : haproxy -vv HA-Proxy version 1.5-dev18 2013/04/03 Copyright 2000-2013 Willy Tarreau w...@1wt.eu Build options : TARGET = freebsd CPU = generic CC = cc CFLAGS = -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS OPTIONS = USE_TPROXY=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.7 Compression algorithms supported : identity, deflate, gzip Built with OpenSSL version : OpenSSL 0.9.8y 5 Feb 2013 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes but when i started the service with the source 0.0.0.0 usesrc clientip option, the haproxy wont start with this messages: parsing [/usr/local/etc/haproxy.conf:28] : 'usesrc' not allowed here because support for TPROXY was not compiled in. what i should i do to make haproxy compile with transparent option? Rgds ZeN
Transparent TCP LoadBalancing on FreeBSD
Dear Users, sorry if i open new thread, but i really want to solve this problem.. i manage to compile haproxy via port using TPROXY : haproxy -vv HA-Proxy version 1.5-dev18 2013/04/03 Copyright 2000-2013 Willy Tarreau w...@1wt.eu Build options : TARGET = freebsd CPU = generic CC = cc CFLAGS = -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS OPTIONS = USE_TPROXY=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.7 Compression algorithms supported : identity, deflate, gzip Built with OpenSSL version : OpenSSL 0.9.8y 5 Feb 2013 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes but when i started the service with the source 0.0.0.0 usesrc clientip option, the haproxy wont start with this messages: parsing [/usr/local/etc/haproxy.conf:28] : 'usesrc' not allowed here because support for TPROXY was not compiled in. what i should i do to make haproxy compile with transparent option? Rgds ZeN
