Thank you Willy!
A
On Wed, Sep 9, 2020 at 1:31 PM Willy Tarreau wrote:
> On Wed, Sep 09, 2020 at 07:20:17PM +0200, Willy Tarreau wrote:
> > Feel free to pick this patch if that helps for your builds, I'm going
> > to backport it to 2.2 once all platforms are happy.
>
> All builds are OK now,
Correct.. this is arm based on my side as well.
Sent from my Pixel 3XL
On Tue, Sep 8, 2020, 5:47 PM Vincent Bernat wrote:
> ❦ 8 septembre 2020 16:13 -04, Alex Evonosky:
>
> > Just compiling 2.2.3 and getting this reference:
> >
> >
> > /haproxy-2.2.3/src/thr
Hello Haproxy group-
Just compiling 2.2.3 and getting this reference:
/haproxy-2.2.3/src/thread.c:212: undefined reference to `_Unwind_Find_FDE'
Is there a new lib thats required?
Thank you!
Thank you Willy. That did it!
Great work!
Sent from my Pixel 3XL
On Mon, Dec 16, 2019, 11:50 PM Willy Tarreau wrote:
> Hello Alex,
>
> On Mon, Dec 16, 2019 at 01:22:42PM -0500, Alex Evonosky wrote:
> > Hello Haproxy group-
> >
> > migrating from haproxy
Hello Haproxy group-
migrating from haproxy 2.0 to 2.1 and noticed some directives changed:
=== 2.0.10 ===
capture request header origin len 128
http-response add-header Access-Control-Allow-Origin %[capture.req.hdr(0)]
if { capture.req.hdr(0) -m end aiqwest.com }
http-response add-header
after compiling the new 2.0.1, it seems the HTTP2 issue *we were seeing* on
2.0 but not on 1.9.8 are fixed.
Thank you.
On Thu, Jun 27, 2019 at 7:19 AM Aleksandar Lazic wrote:
> Am 26.06.2019 um 19:28 schrieb Christopher Faulet:
> > Hi,
> >
> > HAProxy 2.0.1 was released on 2019/06/26. It added
Jeff
>
>
> On 20/05/2019 17:48, Alex Evonosky wrote:
>
> example:
>
> pod1:
>
> primary: 1.1.1.2
> secondary: 1.1.1.3
> virtual: 1.1.1.1
>
>
> pod2:
>
> primary: 1.1.1.5
> secondary: 1.1.1.6
> virtual: 1.1.1.4
>
>
> The mechanism to utiliz
, 2019 at 11:37 AM Jeff Abrahamson wrote:
> Thanks, Alex.
>
> I'd understood that, but not the mechanism. Each host has an A record.
> Did I miss a DNS mapping type for virtual addresses? Or do the two hosts
> run a protocol between them and some other party? (But if one of my
&
hich used to
> have DNS resolutions from one name to multiple IP's, now resolve to a
> single IP.
>
> Jeff Abrahamson
> http://p27.eu/jeff/
> http://transport-nantes.com/
>
>
> On 20/05/2019 15:04, Alex Evonosky wrote:
>
> You could make it a bit more agile
You could make it a bit more agile and scale it:
you can run them in "pods", such as two haproxy instances running
keepalived between them and use the ViP IP as the DNS record, so if an
HAproxy instance was to die, the alternate HAproxy instance can take over.
Set more pods up and use DNS round
the docs.
On reflection I was not able to discern the distinction of the sample fetch
keyword list and the ACL keyword list in payload.c. I hope that having added
this to the sample fetch list only was correct, even though it does not match
the example set by "req_ssl_sn
Hi Willy,
Thanks for the generous review and pointers - that does sound much better and
appears to work well for the ClientHellos I have tried. Sorry for not posting
this as RFC.
Alex
- Original message -
From: Willy Tarreau
To: Alex Zorin
Cc: haproxy@formilux.org
Subject: Re
Unfortunately I attached the wrong patch file. Attaching in reply.
Alex
On Sun, Dec 30, 2018, at 2:20 PM, Alex Zorin wrote:
> Hello,
>
> The attached patch adds acl support for the TLS ALPN extension
> (RFC7301) extension via "req.ssl_alpn", in a similar v
Hello,
The attached patch adds acl support for the TLS ALPN extension (RFC7301)
extension via "req.ssl_alpn", in a similar vein to "req.ssl_sni".
It is useful for pass-thru of TLS connections in scenarios like ACME's
tls-alpn-01.
Thank you
Alex>From 8008e5e8f23747741
Hi haproxy.org,
Hope you are doing fantastic.
I am Alex Sr. Web Analyzer having 9+ years of experience in Search Engine
Marketing, Social media Marketing, Content Marketing, Pay-per-click, Video
Marketing etc.
While analyzing your website, we tracked some pitfalls for which your
website doesn’t
Hi haproxy.com,
Hope you are doing fantastic.
I am Alex Sr. Web Analyzer having 9+ years of experience in Search Engine
Marketing, Social media Marketing, Content Marketing, Pay-per-click, Video
Marketing etc.
While analyzing your website, we tracked some pitfalls for which your
website doesn’t
Tim-
I can speak from a production point of view that we had HAproxy on the 1.6
branch inside docker containers for mesos load balancing with pretty much
the same requirements as you spoke of. After compiling Haproxy to the 1.8x
branch the same config worked without issues.
-Alex
On Mon, Jul
Congratulations!
On Mon, Nov 27, 2017 at 8:41 AM, Arnall wrote:
> Le 26/11/2017 à 19:57, Willy Tarreau a écrit :
>
>> Hi all,
>>
>> After one year of intense development and almost one month of debugging,
>> polishing, and cross-review work trying to prevent our respective
Hi,
I have contacted you about sponsorship. Have you received the letter?
Looking forward to your reply,
Best regards,
Alex Smith.
On Пт, 13 окт 2017 10:37:50 + Alex Smith
a...@bestvpnrating.com wrote
Hello!
My name is Alex and I represent the website
Hello!
My name is Alex and I represent the website bestvpnrating.com
Our company is aimed at sponsoring your project. How can we be listed among
your sponsors?
Looking forward to your reply,
Best regards,
Alex Smith.
Hello!
My name is Alex and I represent the website bestvpnrating.com
Our company is aimed at sponsoring your project. How can we be listed among
your sponsors?
Looking forward to your reply,
Best regards,
Alex Smith.
Hello!
Hope your day is going well!
My name is Alex and I’m a representative of the site bestvpnrating.com.
The aim of our site is to provide recent news about VPN services and
cybersecurity at large. Actually, you may visit the site to ascertain.
I would like to know is it possible to add
Hi there,
Our company is using LUA scripting a lot, and I've discovered some missing
functions in the code. We've made a patch to fill these gaps, but I don't
know how to make a pull request. So, I've made a copy of the haproxy
repository and pushed my changes there. It's based on latest
Hi there.
I'm moving some code to HAProxy (LUA) and struggling with missing (or
undocumented) functionality:
1. I'm modifying request headers in action context before passing it to
web-servers, but can't access URL/query string (looks like it's only
available with AppletHTTP class in service
Haproxy 1.6.15 crashes with following error
haproxy[24074]: segfault at 3dbed94000 ip 003dbea897fb sp
7fffc7278e68 error 4 in libc-2.12.so[3dbea0+18a000]
Hi Ben
Thanks for the great responses, a pair of haproxies isn't quite a pair of
f5's yet!!!
We really wanted to ensure we had tested the current capabilities as far as
we could.
Cheers
Alex
On 24 February 2016 at 02:34, Benjamin Lee <benjamin@realthought.net>
wrote:
> [.
as if i am missing something from the haproxy configuration that
means the 2 instances are not sharing their state.
configs are available, but its all pretty standard and follows the docs
Thanks in advance for any help
Alex
while "draining" with set
weight 0 if using server-state-file feature.
Is this correct ?
Thank you,
Alex
On Thu, Jan 21, 2016 at 9:00 PM, Willy Tarreau <w...@1wt.eu> wrote:
> Hi,
>
> On Wed, Jan 20, 2016 at 10:53:46AM +0200, Alex wrote:
> > Hello,
> &
es, if any ?
Also, the server line from stats should become blue for status change to
DRAIN, or my test result is the expected behavior ?
Thank you,
--
Alex S
Hi Guys , how do unsubscribe :)
Thanks
Alex
> On Dec 3, 2015, at 2:35 AM, Willy Tarreau <w...@1wt.eu> wrote:
>
> On Wed, Dec 02, 2015 at 11:28:28AM +, David Carlier wrote:
>> Hi all,
>>
>> Here it is a slight change, the DeviceAtlas module logging is si
ting hideously dirty hack :)\n",depth);
ERR_clear_error();
return 1;
}
If the depth is greater than 0 you're verifying the revocation status of a
CA certificate. If the error code is 3 it corresponds to
X509_V_ERR_UNABLE_TO_GET_CRL as per the OpenSSL x509_vfy.h
Alex T
From: &quo
Ricardo F writes:
>
> Hello,
> Thanks for the responses, At least i found that my tought are correct.
>
> If you have enought time, Willy, i will read the explanation gladly but if
someone are in the same situation as me, this is other workaroung:
>
> rspidel
Seu cliente de e-mail não pode ler este e-mail.
Para visualizá-lo on-line, por favor, clique aqui:
http://comprasnoparaguay23.net/display.php?M=426C=0756d1e8cdaf638b4892e93319565405S=6L=1N=1
Para parar de receber nossos
Seu cliente de e-mail não pode ler este e-mail.
Para visualizá-lo on-line, por favor, clique aqui:
http://comprasnoparaguay23.net/display.php?M=426C=0756d1e8cdaf638b4892e93319565405S=2L=1N=1
Para parar de receber nossos
We have
HAProxy running on GlusterFS
and geting “connection refuse , port map failure “ any ideas ?
Alex
Do I need rpcbind runing on haproxy , ? we are trying to use the haproxy to
load balance across GlusterFS for NFS using mode tcp
but i get connection refused port 111 .
using haproxy getting connection refused on portmaper
any suggestion
thanks
Alex
17.199.146.184:80
modehttp
stats enable
stats uri /stats
On May 19, 2015, at 12:14 PM, Tim t...@bastelfreak.de wrote:
maybe you want to share your configs?
On 19.05.2015 21:00, Alex wrote:
using
should we debug further?
Alex
the option of
send-proxy to send client src ip to the backend server.
Is this possible?
Alex
Thanks.
It seems that haproxy needs to terminate ssl connection and start another ssl
connecion to the backend to get it work. (HAProxy in HTTP mode?)
Using tcp mode of haproxy, it seems that SSL connction negotiation can not be
started.
Alex
From: luky...@hotmail.com
To: alex_wu2
Title: Alex coach sduction
Cliquez ici pour lire cet e-mail dans votre navigateur. Elle est Inaccessible? Raison de plus pour l’Aborder
unsubscribe
Same for me now. It was fixed shortly after I sent the email.
Cheers,
Alex
On 19-Dec-13 5:07 PM, Mark Janssen wrote:
Not for me...
Quick News
Dec 17th, 2013 : 1.5-dev21
Several early testers reported a few annoying bugs yesterday, so I
preferred to fix them quickly and issue another release
table webservers | socat /var/lib/haproxy/stats - | fgrep
4start_of_session
From my config, it was also important to store text not binary data in the
table.
-Alex
On Sat, Mar 2, 2013 at 5:32 PM, Alex Davies a...@davz.net wrote:
I was trying to troubleshoot this with a packet dump on the peer
This change makes the crt block of the documentation easier to use
for those not clear on what needs to go in what file, specifically for
those using CAs that require intermediate certificates.
---
doc/configuration.txt | 44 +---
1 files changed, 29
not quite sure where to put this,
so i've left it out; if you think this would be helpful i'd be very happy
to add it.
Thanks,
Alex
On Sun, Feb 10, 2013 at 10:23 PM, Willy Tarreau w...@1wt.eu wrote:
Hi Alex,
On Sun, Feb 10, 2013 at 08:46:46PM +, Alex Davies wrote:
Hi All,
I saw some
persistence based
on a cookie that I could test, by chance?
Thanks,
-Alex
:80 weight 6 check observe layer4 inter 1
server ww3 10.99.99.203:80 weight 10 check observe layer4 inter 1
...
Thanks,
Alex
On Sun, Feb 10, 2013 at 9:47 PM, Baptiste bed...@gmail.com wrote:
Hi,
It's weird you don't need the store-response.
Test it as best as you can
anything in the logs about the peers, nor anything in the haproxy
status URL. Obviously if the peering were to silently break down, this
would be bad for me!
Thanks,
-Alex
On Fri, Feb 8, 2013 at 4:22 AM, Baptiste bed...@gmail.com wrote:
ahah, you can call me Baptiste :)
You miss a stick
is fantastic. Thanks guys!
Thanks,
-Alex
[1] Godaddy ask you to choose your type of SSL provider. I selected nginx
as I have used that before, but for some reason it does not provide the
intermediate certificate in this case. Select Apache Tomcat to get a zip
file with both gd_bundle
that this will only mean that
sessions become persistant once PHPSESSID is set. So, to translate into
practicality, as long as the login page creates the relevant cooke (and it
does not subsequently change once logged in), this should work nicely.
Thanks,
-Alex
On Sun, Feb 3, 2013 at 7:59 AM
end up with a
Thanks,
-Alex
client. I do
have haproxy sending out the X-Forwarded-For. But the f5 does not see it.
Anyone have an example of how scenario like this would work? Do I need to
modify haproxy or is this an f5 issue?
Thank you again in advance..
[circle]http://www.suny.edu/
Alex DeMarco
Manager
Right now it is just a proof of concept idea. Part of the problem is that F5
the we own does not do reverse proxying,. At least not without running an iRule
that no one on their support department will support you on. Unless I am
completely missing something.
- Alex
From: Jeffrey
123.456.789.99 for example.
thanks!
[circle]http://www.suny.edu/
Alex DeMarco
Manager of Technical Services
The State University of New York
State University Plaza - Albany, New York 12246
Tel: 518.320.1398Fax: 518.320.1550
Be a part of Generation SUNY: Facebookhttp://www.facebook.com
Thank you.. However, I a have a followup.. What does it mean when I get this:
'stats' ignored because frontend 'myfrontend-80' has no backend capability?
Even though I have a default backend defined?
Thanks again.
- Alex
From: Baptiste [mailto:bed...@gmail.com]
Sent: Thursday
Hi Willy,
I never replied to this mail, my apologies!
Thank you for your suggestions. Sadly, in our case, neither approach works
- but it was worth asking you first. I solved our problem with something
that executes right at the start of our application,
Thank you!
Alex
On Wed, Nov 28, 2012
- Alex
it working for
other parts.
- Alex
-Original Message-
From: Baptiste [mailto:bed...@gmail.com]
Sent: Tuesday, December 18, 2012 2:43 PM
To: DeMarco, Alex
Cc: haproxy@formilux.org
Subject: Re: Passing host head to the backend
Hi,
Nothing to do, it will pas it straight away, unless you tell
Thank you, I have this working..
- Alex
Original message
From: Willy Tarreau w...@1wt.eu
Date: 12/14/2012 2:48 AM (GMT-05:00)
To: DeMarco, Alex alex.dema...@suny.edu
Cc: haproxy@formilux.org
Subject: Re: Re-encrypt to the backend
Hi Alex,
On Fri, Dec 14, 2012 at 12:58
them and send them to the backend because
the backend http server is expecting an ssl connection.
Can I do this in haproxy? If so, could you give me some pointers? Thanks!
Alex
Question, on demo.1wt.eu what was used to create this? Is it a function in
HAProxy? I've been looking thru the doc and cannot seem to find it.
Thank you.
- Alex
I am trying to get stats enable to work.
However, every time I try to start haproxy I get the following error:
'stats' ignored because frontend has no backend capability.
I have backend rules in place so I am not sure what else I am missing..
Any ideas?
Thank you..
Alex
I got it working.. thank you
- Alex
From: DeMarco, Alex [mailto:alex.dema...@suny.edu]
Sent: Friday, December 07, 2012 7:18 PM
To: haproxy@formilux.org
Subject: Stats error
I am trying to get stats enable to work.
However, every time I try to start haproxy I get the following error
Thanks I have it working..
Alex
Baptiste wrote:
Hi Alex,
by default, IIS will export the cert in a PKCS12 format, you have to
translate it into PEM format.
When exporting, don't forget to export the private key as well.
openssl pkcs12 -in key_and_cert.pfx -out key_andcert.pem -nodes
cheers
!
-Alex
-one-the-front/
but I'd prefer to not do that because it just adds further complexity to the
setup (more ssh tunnels).
Thanks,
Alex
is blocked by (from the example post
there are 2)
* Is it possible to 'hash' on a specific cookie value (i'm thinking
PHPSESSID) as well as IP, i.e. if connections for any given PHPSESSID value
reaches x per minute block?
Many thanks,
Alex
--
Alex Davies
This email and any files transmitted
if cookie_conn_rate_abuse mark_as_abuser
Many thanks,
Alex
On Thu, Nov 10, 2011 at 12:56 PM, Baptiste bed...@gmail.com wrote:
On Thu, Nov 10, 2011 at 12:48 PM, Alex Davies a...@davz.net wrote:
Hi,
I am interested in rate limiting connections from users to stop small DOS
'attacks' from individual
Hi Willy,
Thank you for your detailed explanation; you are entirely right and the
limit that was screwing me was the limit of fds/process which I have now
fixed.
Can you explain which parameter should be set to 2 to prevent malloc() fails
when there is no more memory left?
Many thanks,
Alex
to as
close to infinite as possible - and allow them to use all the system
RAM.
Would anybody with more knowledge in this area be able to shed any light?
- Alex
? (the configuration
is the same as in my email - i.e. server timeout 2hrs).
I will investigate the 502 errors with more benchmarking directly against
the backends. Thank you for confirming that this is the source of the
problem.
Many thanks,
Alex
On Tue, Sep 13, 2011 at 11:41 PM, Willy Tarreau w...@1wt.eu
connection before returning a 502 - I thought that the option
redispatch and retries 10 would ensure another go.
If anybody is able to shed some thoughts on my two questions I would be very
grateful!
Many thanks,
Alex
# haproxy.conf
global
log 127.0.0.1 local4 debug
chroot /var
any at all in the first minute of a new process).
Cheers,
Alex
On Tue, Sep 13, 2011 at 1:46 PM, Cyril Bonté cyril.bo...@free.fr wrote:
clitimeout
any at all in the first minute of a new process).
Cheers,
Alex
On Tue, Sep 13, 2011 at 1:46 PM, Cyril Bonté cyril.bo...@free.fr wrote:
clitimeout
is being tracked, it will start appearing in our search results as soon as enough information is gathered, typically 24 hours.
Please let me know how it works out or if you need my help.
Thanks,
Alex Prikhodko
Lead Developer
expo-MAX Inc.
10520 Yonge St., Unit 35B
Suite 138
Richmond
Hi,
We're looking to upgrade our HAProxy hardware soon. Does anyone have any
recommendations on the things we should be looking for? e.g. Are there any
NICs we should use/avoid?
Our site primarily serves lots of small objects.
Kind regards,
Alex
experienced similar
issues.
I am using Apache from the CentOS 5 repository (Apache 2.2.3), mpm prefork
(StartServers: 200, MinSpareServers: 50, MaxSpareServers: 400, ServerLimit:
1024, MaxClients: 1024)
Alex
2010/1/20 Emmanuel Bailleul emmanuel.baill...@telindus.fr
Hi Alex,
The 'lingering close
to have HAProxy selectively log requests, either based on
an acl, or ideally, backend?
Cheers,
Alex
on this.
If this is the problem, you can fix it using 'option httpclose' in you
HAProxy configuration, or by disabling keep-alives on your backend web
servers.
- Alex
Tom Potwin wrote:
Hi
I hope I'm doing this correctly. I just joined, and I haven't used a
mailing list in a long time.
I'm
83 matches
Mail list logo