Hi,
Le 15/01/2015 03:59, RAKESH P B a écrit :
Hi Cyrill,
Thanks for the update.
In Application side we are not using any SSL offloading. I have tested
with pound (for ssl termination) & haproxy (for load balancing)
combination and issue got resolved.
I guess you have RewriteLocation > 0 in
Hi All,
We got hit with a bit of traffic and we saw haproxy dump most of the
traffic to 3-4 app servers, sometimes even just one and driving load on
there to 90. We were running 1.5.9, I upgraded to 1.5.10 and the same
problem remained. Currently traffic is low so everything is load balanced
e
Hi Cyrill,
Thanks for the update.
In Application side we are not using any SSL offloading. I have tested
with pound (for ssl termination) & haproxy (for load balancing) combination
and issue got resolved. But if i tried with haproxy only , then getting the
issue. I think there is some configura
Hi,
I wanted to report a nasty bug I discovered today:
Portforwarding to a different IP on the same haproxy-box causes haproxy behave
buggy.
This error happens when one uses the TPROXY target for portforwarding,
ie. like this:
Let's say the IP of the main interface is 192.168.100.100,
and traf
Hi Shawn,
Le 15/01/2015 01:59, Shawn Heisey a écrit :
I'm trying to ensure that multiple connections from the same browser end
up on the same back end server, and having lots of trouble. All my work
with haproxy up to now has been with connections that don't need
persistence - everything releva
I'm trying to ensure that multiple connections from the same browser end
up on the same back end server, and having lots of trouble. All my work
with haproxy up to now has been with connections that don't need
persistence - everything relevant happens in one http request.
This is probably PEBCAK
Hi Baptiste,
tarpit is pretty handy but as far as I understood it will keep the connection
open, on both sides. So at some point (pretty quickly actually) we cannot handle
any more connections on that host. The host will become slow and/or
unresponsive. When we close the connection on our local si
On Wed, Jan 14, 2015 at 5:00 PM, Christian Ruppert wrote:
> Hey guys,
>
> just a thought... wouldn't it make sense to add an option to "tcp-request
> connection reject" to disable the actual TCP RST? So, an attacker tries to
> (keep) open a lot of ports:
>
> a) HAProxy (configured with rate limiti
Hey guys,
just a thought... wouldn't it make sense to add an option to "tcp-request
connection reject" to disable the actual TCP RST? So, an attacker tries to
(keep) open a lot of ports:
a) HAProxy (configured with rate limiting etc.) does a "tcp-request connection
reject" which ends up as a TCP
Hello folks,
I'd like to use the proxy / webirc feature of ngIRCd. For that, it is
required that the proxy sends the following command at the beginning of
the communication :
WEBIRC
(see http://ngircd.barton.de/doc/Protocol.txt, section II.4)
How can I do this in my backend ? Shall I us
Willy Tarreau 1wt.eu> writes:
>
> Hi Cryil,
>
>
> We're aware of this. We wanted an easy way to add this until I realized
> that the "total" bytes in the channel is set while reading, and documented
> as bytes being sent :-/
>
> So we need to have two distinct counters, one for bytes read, an
11 matches
Mail list logo
