Re: regression in 1.6.13 - wrong http status in logs and stats

Hi Michal, On Wed, Jul 12, 2017 at 04:06:16PM +0200, Michal Pasierb wrote: > Hi, > > I would like to report a regression in HAProxy 1.6.13 after upgrading from > 1.6.9 in production :( > > Reproduce with config: > > --- > global > log 127.0.0.1 local0 > log 127.0.0.1 local1 notice >

DNS suffix for resolver

Hi, I have used today again my haproxy image https://hub.docker.com/r/me2digital/haproxy17/ in openshift. There is a variable SERVICE_DEST which have the destination hostname for the server line in haproxy. When I use just mongodb, that's the service name in openshift, it will not resolve

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

On Wed, Jul 12, 2017 at 03:54:28PM +0200, Emmanuel Hocdet wrote: > Yes i'm confident because i worked a lot to abstract tls version/api support > with > older/newer openssl versions. It's what i do with haproxy's methodVersions > table > for ssl-min/max-ver support. > What i'm missing is

regression in 1.6.13 - wrong http status in logs and stats

Hi, I would like to report a regression in HAProxy 1.6.13 after upgrading from 1.6.9 in production :( Reproduce with config: --- global log 127.0.0.1 local0 log 127.0.0.1 local1 notice maxconn 4096 chroot /usr/share/haproxy uid 99 gid 99 daemon defaults log global mode

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

> Le 12 juil. 2017 à 15:23, Willy Tarreau a écrit : > > Hi Manu! > > Please don't forget to CC Emeric and keep in mind that I still don't > understand anything about openssl, so for me it's always a huge pain > each time to try to have an opinion on openssl related changes. >

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

Hi Manu, On 07/12/2017 03:23 PM, Willy Tarreau wrote: > Hi Manu! > > Please don't forget to CC Emeric and keep in mind that I still don't > understand anything about openssl, so for me it's always a huge pain > each time to try to have an opinion on openssl related changes. > > On Wed, Jul 12,

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

Hi Manu! Please don't forget to CC Emeric and keep in mind that I still don't understand anything about openssl, so for me it's always a huge pain each time to try to have an opinion on openssl related changes. On Wed, Jul 12, 2017 at 02:54:16PM +0200, Emmanuel Hocdet wrote: > > Hi Willy, > >

Re: [PATCH] BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0

Hi Willy, I would like you consider this patches because Christopher’s patch is false and doesn’t support other ssl libs and openssl >= 1.1.0. I sent my original patch with more comments and another with a little cleanup: ++ Manu

Re: Question about "show servers state" and changing backends

On Tue, Jul 11, 2017 at 6:59 PM, Joseph Lynch wrote: > Ah, I didn't realize that id was the puid! Let me try that out! > > So just curious, if the puid is what we're using to uniquely identify > servers, why can't we update the name dynamically? It seems like > use-server

Re: X-Real-IP = X-Forwarded-For

Hi Andrey Zakabluk, Andrey Zakabluk wrote on 12.07.2017: > Hi! I Use > HA-Proxy version 1.5.12 2015/05/02 > . > Need add in http package option X-Real-IP. X-Real-IP should be equal > X-Forwarded-For. X-Forwarded-For be in package. > I tried > frontend http-in > bind *:4016 >

X-Real-IP = X-Forwarded-For

Hi! I Use HA-Proxy version 1.5.12 2015/05/02 . Need add in http package option X-Real-IP. X-Real-IP should be equal X-Forwarded-For. X-Forwarded-For be in package. I tried frontend http-in bind *:4016 default_backend servers mode http option httplog