heck if the original request is a SSL
> one or not. Is this possible somehow?
>
> Regards,
> Dennis
>
Hi Dennis,
You should not point your SSL frontend to your clear one.
Just use the clear one with a simple redirect rule to SSL one and make
the SSL one point to your backend.
And you're done.
Baptiste
ing to figure out if there is no other way to achieve what
you're doing with your stick table, to avoid using a peers section.
Baptiste
>
> Thanks for you help and for this great product!
>
> --aydan
Hi,
This is not yet available in HAProxy.
It's a common request and should be available some day, but no idea when!
Baptiste
e send us an example of what you get in HAProxy and how you want
it out after HAProxy has rewritten it.
Baptiste
not (if
yes, how much)
- make HAProxy to answer directly without accessing nginx and check if
you doubled the performance or not (and report us the result)
- run your nginx server on a separated server and tell us the
performance you can reach
Baptiste
k at 'inter'
interval using any check and perform a deeper one using the
agent-check at 'agent-inter' period.
Baptiste
> Why be difficult when, with a bit of effort, you could be impossible?
Thanks ben for clarifying.
Last question when we speak about load-balancing: does it need any
kind of persistence??
Baptiste
On Thu, Jul 3, 2014 at 10:57 AM, Jai Gupta wrote:
>
>
>
> On Thu, Jul 3, 2014 at 12:49 PM, Baptiste wrote:
>>
>> On Thu, Jul 3, 2014 at 9:03 AM, Jai Gupta wrote:
>> > We use SSL so we would want to use Multiple CPU Cores as well.
>> > We also use Pee
.cequens.com
>
>
>
> [image: http://www.cequens.com/email-signature/logo.jpg]
>
>
>
> *From:* Baptiste [mailto:bed...@gmail.com]
> *Sent:* Thursday, July 3, 2014 2:02 PM
> *To:* Ahmed Ayoub
> *Cc:* haproxy@formilux.org; ste...@vergic.com; christ...@vergic.com
> *Su
On Thu, Jul 3, 2014 at 2:24 PM, Thierry FOURNIER wrote:
> On Tue, 1 Jul 2014 23:00:13 +0200
> Baptiste wrote:
>
>> On Tue, Jul 1, 2014 at 10:54 PM, William Jimenez
>> wrote:
>> > Hello
>> > I am trying to modify ACLs via the socket interface. When I try
niya Towers, King Fahd Rd.
>
> 7th Floor, North Tower
>
> P.O. Box 220933
>
> Riyadh, Saudi Arabia
>
> Tel: +20 (2) 22734506
>
> Fax: +20 (2) 26718892
>
>
>
> Tel: +966 (11) 2181515
>
> Fax: +966 (11) 2181520
>
>
>
> [image: http://www.cequens.com/email-signature/banner.jpg]
>
>
>
Hi,
Can you define what SMPP is???
Baptiste
;
> Jai
Hi Jai,
First question is what is the good reason you need to synchronize
content of stick-tables using peers?
Baptiste
On Wed, Jul 2, 2014 at 6:55 PM, William Jimenez
wrote:
> Hi Baptiste et al.,
> Did you see my last comments? Sorry if this is an issue already addressed,
> but I wasn't able to find anything on usage specifics in the documentation.
>
> Thanks,
> William
>
>
>
On Tue, Jul 1, 2014 at 11:16 PM, William Jimenez
wrote:
> Hi Baptiste, thank you for the response. I'm afraid I still don't follow.
> Say I have the an ACL that I want to toggle from its current state (as
> defined in the flat file) to 'always_false'. I can see it ex
ontent from a file.
The file name will be considered as a 'reference' you can point to
when updating content.
Don't forget to update simultaneously the content from an ACL and from
the flat file to make HAProxy reload reliable :)
Baptiste
to 1.000.000 file desciptors,
which means that at most, 1 HAProxy can forward 500.000 TCP
connections (since HAProxy needs 1 connection on the client side and
an other one on the server side).
Baptiste
everything else to the HTTP frontend?
>
>
>
> --
> Claus Strommer, Dev/Ops Engineering Specialist
Hi Claus,
first, I don't understand your configuration.
You may have cut some part of it, but you cut too much :)
We need to know the content of require_ssl and require_nossl.
Also, the backend 3001 is not used.
Maybe this could help: if you want to cipher a connection to a server,
then simply add the keyword "ssl" on the server line.
(check also the global parameter ssl-server-verify)
Baptiste
Great, amazing! Congratulation.
Just born and already 4 years old :)
Let's upgrade millions of websites now :)
Baptiste
o have the whole team
> present, maybe on tuesday at noon. If you want to join us at the office,
> you're more than welcome :-)
Note, we (haproxy.com) may organize some party in Paris later this year.
You'll be invited, for sure.
Baptiste
On Wed, Jun 18, 2014 at 11:47 AM, Jie Jin wrote:
> Thanks
>
> Lukas
> :
>
> I am looking at the tool. Hope I can understand how to run it (:
>
>
> Baptiste
> .
>
> which version of haproxy you used in the performance test? and how many you
> did in your test
; http://1wt.eu/tools/inject/
>
> Server:
> http://1wt.eu/tools/httpterm/
>
>
>
> Regards,
>
> Lukas
>
>
Jie,
This article on Willy's website is outdated, we can do much more now
Baptiste
such case you just want to protect a particular URL from being
hitting too much.
URL:
http://blog.haproxy.com/2013/04/26/wordpress-cms-brute-force-protection-with-haproxy/
Now, if you explain us your needs, we may be able to help you.
Baptiste
; work explains why cloning from the machine itself took longer than
> it took for you to clone from it (small CPU here).
>
> > So I can confirm we are at least equal to github performance now after
> > the repack.
>
> Great, thank you for checking.
>
> Willy
>
>
Excellent news.
This feature will be helpfull for some dirty workarounds I have in mind :)
Baptiste
I agree with Aaron.
the expire period in the stick table should cover at least the
expected work period.
This is also how I setup them.
Baptiste
On Fri, Jun 13, 2014 at 10:40 PM, Aaron West wrote:
> Hi,
>
> I'm not aware of a way to achieve what you want exactly.
>
> Th
do you want to rewrite
the request when forwarded to the server?
Baptiste
balance roundrobin
> server pubwebsite01 172.16.0.116:80 weight 1 check inter 5000 rise 2
> fall 5
> server pubwebsite02 172.16.0.123:80 weight 1 check inter 5000 rise 2
> fall 5
>
> backend ipv6-80
> balance roundrobin
> server pubwebsite01 2000:22:22::22:80 weight 1 check inter 5000 rise 2
> fall 5
> server pubwebsite02 2000:22:22::23:80 weight 1 check inter 5000 rise 2
> fall 5
>
>
>
> listen admin 172.16.0.126:1234
> mode http
> stats uri /
>
> # For Chrome : https://code.google.com/p/chromium/issues/detail?id=85229#c33
> and ML haproxy
> errorfile 408 /dev/null
>
>>
>> Regards,
>> --
>> Nenad Merdanovic | PGP: 0x423edcb2 | Web: http://nimzo.info
>> Linkedin: http://www.linkedin.com/in/nenadmerdanovic
>
>
Kevin,
You should add this directive in your defaults section:
errorfile 408 /dev/null
Cause in your current configuration it applies to your stats page only!
Baptiste
ring your configuration, then it will be
easier to help you.
HAProxy setup log severity to notice when a server fails move to
status DOWN due to wrong health check response.
If you don't retrieve this info in your log it's either because your
HAProxy or your syslog server is not well configured (or both of them
in the mean time).
Baptiste
On Wed, May 28, 2014 at 4:47 PM, Jon Bogaty wrote:
> Brilliant Baptiste, thank you. I've setup proper logging and a longer
> timeout:
>
> global
> user nobody
> group nobody
> daemon
> nbproc 4
> maxconn 204800
> log /dev/log local0 in
On Wed, May 28, 2014 at 4:02 PM, Souda Burger wrote:
> Baptiste,
>
> Thanks for your help again. How would you recommend rewriting with HAProxy
> to do that on the fly? If you've got something that should work that's
> already written, that's easier than me trying
On Wed, May 28, 2014 at 3:56 PM, Jon Bogaty wrote:
> Hi Baptiste,
> I'm sorry, I should clarify, I meant 504. It's really quite prevalent, at
> least 4/10 at times, sometimes 8/10...
>
> I'm using:
> HA-Proxy version 1.4.24 2013/06/17
>
> This is m
On Wed, May 28, 2014 at 3:57 PM, Souda Burger wrote:
> Baptiste,
>
> Thanks for the heads up. Just to make sure I understand, you're saying that
> my "balanced" application server, in this case a tomcat pair, needs to
> account for the header modification and
27;s causing connection problems. Any help would be
> greatly appreciated.
>
> Thanks!
> Jon
Hi Jon,
Please post at least your HAProxy version, how you built/installed it, etc...
configuration, logs showing the errors are welcome too.
Note that HAProxy is not supposed to generate any 500 errors (only
502, 503, 504)
Baptiste
===>]
> 7,327 --.-K/s in 0s
>
> 2014-05-28 07:59:55 (81.3 MB/s) - 'index.html.1' saved [7327/7327]
>
Hi Souda,
The first 302 seems to be sent by your application server which does
not seems to take into account you "X-Forwarded-Proto" header.
Baptiste
for HAProxy?
>
>
> Thanks
>
>
> On 28 May 2014 14:11, Baptiste wrote:
>>
>> On Wed, May 28, 2014 at 2:03 PM, Steven Van Ingelgem
>> wrote:
>> > Hi all,
>> >
>> >
>> > I created a lot of ACL's to select to which server a request
host) -i abc. def.
alc goto_test_server src 1.2.3.4
use_backend TestServer if goto_test_server goto_servertest_url
use_backend Server1 if goto_server1 || goto_server2
Baptiste
gineer, Co-Founder
> Open Box I.T. Solutions, LLC
> c. 801-634-6479
Hi Williams,
That's a good question, and the response is 'YES'. You even have them
on Amazon cloud.
Just run a grep aes /proc/cpuinfo and check you have them.
Baptiste
0Mb of SSL with a single core, but it depends on
the object size, on the key renegotiation frequency, on connection
keep alives, etc...
Baptiste
he connection from port 62691, it's exactly
> the sequence I described above. So that clearly explains what Chrome is
> the only one affected!
>
> Best regards,
> Willy
>
>
> Has anyone opened a bug against Chrome for this behavior (did a brief search
> and didn't see one)? I'd be interested in following it as this behavior will
> likely have an impact on an upcoming project I've got.
>
> -Patrick
Hi Patrick,
yes:
https://code.google.com/p/chromium/issues/detail?id=377581
Baptiste
On Mon, May 26, 2014 at 6:07 PM, Willy Tarreau wrote:
> On Mon, May 26, 2014 at 05:52:15PM +0200, Arnall wrote:
>> Le 26/05/2014 16:13, Willy Tarreau a écrit :
>> >Hi Arnall,
>> >
>> >On Mon, May 26, 2014 at 11:56:52AM +0200, Arnall wrote:
>> >>Hi Willy,
>> >>
>> >>same problem here with Chrome ve
n this be done with reqrep ?
>
> It seems that this is the way, but I cannot find any example that does so.
>
> Do I also need the forward option ?
>
> Thanks!
>
> Matt
Hi Matt,
You have to do a couple of reqirep/reqrep.
One for the Host header, one for the URL path.
Baptiste
no more in browser with this errorfile set
> to /dev/null... for the moment it fix the problem for me.
>
>
Excellent
This is normal that HAProxy keeps on logging the error.
Baptiste
stated?
Too long timeouts can lower strength of your HAProxy and your website
in general.
Baptiste
ated. I need to find
> solution which will make HAProxy to send both. Can I use reqadd or
> http-request add-header/set-header to set a the second header?
>
> Best Regards,
> Daniel Todorov
Hi Daniel
Yes, you can use http-request add-header to add headers. You can
extract source IP address using the acl 'src'.
Baptiste
/243020846875152384#
Baptiste
On Fri, May 23, 2014 at 4:00 PM, Matt . wrote:
> So when you remove a line and there is no line like it... just nothing
> happens as it should ?
>
> But what if you add one that is already there ? Will it be added twice ? If
> so and you do a remo
It is not provided by us (HAProxy.com) if this is what you mean.
Baptiste
On Fri, May 23, 2014 at 2:06 PM, Apollon Oikonomopoulos
wrote:
> Hi Ghislain,
>
> On 14:01 Fri 23 May , Ghislain wrote:
>> hello there,
>>
>> Could you tell me if those packages comes f
There is no reply, it is silently performed.
Baptiste
On Fri, May 23, 2014 at 3:07 PM, Matt . wrote:
> Hi,
>
> OK, that is a very good explanation!
>
> It's also very flexible in my opinion.
>
> Does hsproxy give a reply/callback after adding/removing ? I'm
Kevin,
Do you (still) see 408 errors printed in the browser???
Baptiste
On Fri, May 23, 2014 at 2:17 PM, Kevin Maziere wrote:
> Hi
>
> I've just applied the first patch, here are the debug log :
>
> In the logs :
> 2014-05-23T12:03:20+00:00 images-access haproxy[13409]
Ghislain,
408 in logs is not a big deal and can be avoided by the option dontlognull.
The problem is when the 408 is printed into the browser.
Baptiste
On Fri, May 23, 2014 at 1:43 PM, Ghislain wrote:
> Le 22/05/2014 21:45, Mepstein a écrit :
>>
>> Hi
>>
>> HA-Prox
emory, then updates are lost.
> What I add this was is added to memory and not to the file ?
exactly
> So, I need to sync the file with the memory in some way ?
yes.
This can be done easily with a tool since you can dump a map content
from HAProxy's socket.
Baptiste
>
>
&
.
> After reading the doc of the option this option is usefull but I'm not sur
> for my case.
> I fact the 408 are received immediatly, with no delay or timeout when
> browsing the website.
> I indeed with the option still 408 errors
>
> Maybe any other ideas ?
>
&
Proxy socket or
though HTTP headers.
Read the manual to know how.
Bear in mind HAProxy will reset its memory with the content of the
file when reloading. So it's up to you to sync the memory of HAProxy
and the content of the file.
Baptiste
On Thu, May 22, 2014 at 11:08 PM, Matt . wrote:
ht 1 check inter 5000 rise 2 fall 5
>
>
> And here a some logs :
>
> 2014-05-22T15:38:44+00:00 access haproxy[7762]: clientipv6:59374
> [22/May/2014:15:38:29.146] ipv6-ip1-443~ ipv6-ip1-443/
> -1/-1/-1/-1/15014 408 212 - - cR-- 0/0/0/0/0 0/0 ""
> 2014-05-22T15:47:53+00:00 access haproxy[7762]: clientipv4:49611
> [22/May/2014:15:47:38.768] ipv4-ip1-80 ipv4-ip1-80/ -1/-1/-1/-1/15001
> 408 212 - - cR-- 2/2/0/0/0 0/0 ""
>
> Thansk for your help
>
> Kévin
Hi Kevin,
Maybe you could try setup a "timeout http-request" with a lower value
than your timeout client.
Baptiste
headers.
Then you can use content of a map to perform the redirect.
What type of redirection do you want to do exactly?
Baptiste
view, I mean:
- how many processes
- how many processes dedicated to SSL processing
- have you enable 'tune.ssl.cachesize' (or have you tunned it or tried
to increase its value?)
etc...
Can you run a 'show info' on your HAProxy socket and paste here the
SSL related lines?
Note to Willy and Emeric: the 'show info' don't report the number of
sessions stored in the cache. It may be interesting to get it, if
possible.
Baptiste
ode.
Which allows HAProxy to analyse all data from the "tunnel" + modifying
headers of each request and response.
In this second case, no need to change your configuration, it will
work straight forward.
Baptiste
On Wed, May 21, 2014 at 8:40 AM, Jeffrey 'jf' Lim wrote:
&
mples may lead to questions like mine.
Baptiste
g before:
{TLSv1.1,ECDHE-RSA-AES256-SHA,wiki.bedis.eu,E0CF269B6D688FA360C267FF021D7654601DD2D630944681A49EB42605FD49DB}
But I can't say when this change occured, because I don't update and
watch my log every day :)
Note: from the doc, I can read that ssl_fc_session_id is supposed to be b
Hi Simon,
The following compilation directive should do the trick for you "USE_PCRE=1".
Baptiste
On Wed, May 7, 2014 at 10:31 AM, k simon wrote:
> Hi,Lists,
> I found I can not share the same regex txt for haproxy and squid. And
> I noticed that haproxy use OS libc'
NTLM an server-close are mutually incompatible.
As Willy stated, best solution for you is to use http-keep-alive mode
and upgrade to haproxy 1.5.
Baptiste
On Sat, May 10, 2014 at 1:38 PM, Willy Tarreau wrote:
> Hi,
>
> On Thu, May 08, 2014 at 06:22:11PM +0200, Lukas Tribus wro
quickly released.
And for those who need more professional support, with contracts,
SLAs, etc..., then haproxy.com is there, with many different type of
products around HAProxy :)
Baptiste
On Fri, May 9, 2014 at 10:51 AM, Steven Le Roux wrote:
> Few years ago I did this comparison.
>
> We
Hi Igor,
You can reuse the examples from the blog and limit tracking to a single IP:
tcp-request connection track-sc1 src if { src a.b.c.d }
Baptiste
On Thu, May 8, 2014 at 5:57 PM, Igor wrote:
> Hello every guru,
>
> I got a TCP frontend and a HTTP backend, recently I have a i
arnish can be your friend for this
purpose.
I'll write some blog articles on how to migrate f5 irules into
HAProxy's configuration.
Baptiste
On Fri, May 9, 2014 at 9:25 AM, Pär Åslund wrote:
> Hi,
>
> I have experience with both. Running first F5 LTM pair for a couple of years
Hi Andy,
you can run a process which reads acls/maps content from HAProxy
socket and write it to a file on disk.
Baptiste
On Wed, Apr 30, 2014 at 2:40 AM, Thierry FOURNIER
wrote:
> On Tue, 29 Apr 2014 12:39:43 -0500
> Andy Walker wrote:
>
>> Regarding the "add
>> a
HAProxy, what else
Baptiste
On Fri, Apr 25, 2014 at 8:15 PM, Willy Tarreau wrote:
> Just a quick note to let you know that Emeric and I have found how
> to detect heartbeats and the heartbleed attack at the application
> layer and how to block it regardless of the OpenSSL versi
Hi Nathan,
Actually, if both services are hosted on the same servers, my
configuration should work.
And from your configuration example, this is what I understood
(servers have same name in your second configuration).
Anyway, happy to have helped you :)
Baptiste
On Wed, Apr 23, 2014 at 12:56
bind servername:8080
default_backend server
backend server
option tcp-check
tcp-check connect port 80
tcp-check connect port 8080
stick-table type ip size 1
stick on dst
server server-01-ext server01 check inter 5000
server server-02-ext server02 check inter 5000
Bap
Hi Nathan,
Why not simply using a single frontend with two binds pointing to one backend?
It would do the trick.
Concerning checking, you can use the tcp-check feature to ensure both
ports are available on each server.
Baptiste
On Mon, Apr 21, 2014 at 1:20 PM, Nathan Reilly wrote:
> Hello
Hi Lukas,
Thanks for sharing :)
Baptiste
On Tue, Apr 8, 2014 at 9:41 AM, Lukas Tribus wrote:
> Hi list,
>
> anyone running openssl 1.0.1 is likely affected by the quite serious TLS
> heartbeat read overrun bug (CVE-2014-0160) in OpenSSL:
>
> https://www.openssl.org/news/s
timeouts result in a termination code starting with "sH" or
> "cH"? Seems like the backend (or something else in the chain) is returning
> the 504 to me.
>
>
> -Bryan
>
504 may have been generated by a proxy/server/whatever behind HAProxy.
Or there might be a bug in HAProxy :)
Baptiste
Hi Yasaman,
You should create a couple of backend where you setup different weight
per servers and use frontend capacity to route HTTP request using acls
and use_backend.
Baptiste
On Mon, Apr 7, 2014 at 7:30 AM, Yasaman Amannejad
wrote:
>
> Hi everyone,
>
> I have a specific ne
You should use bsd make with Makefile.bsd provided in HAProxy source
archive or git.
Baptiste
On Sat, Apr 5, 2014 at 1:43 AM, William Lallemand wrote:
> On Fri, 4 Apr 2014 18:36:10 -0300
> Jorge Severino wrote:
>
>> root@haproxy01 $ make TARGET=openbsd CPU=native USE_ZLIB=1
&
Hi,
You can use the errorfile directive with a fake 204 status code in the
HTTP file to use as an answer.
Check the doc and come back here if you did not manage to configure it.
Baptiste
On Wed, Apr 2, 2014 at 9:16 PM, Piavlo wrote:
> Hi,
>
> According to the docs:
>
> Hapro
processes to point to
a single HAProxy process in clear where you do your stick-table stuff.
Each frontend and backend must be in the same process, so you must
pass information through the loopback interface between you SSL
frontends and your HTTP with stich-table backends.
Baptiste
On Tue, Apr 1
Hi Patrick,
Just issue a 'show errors' on HAProxy stats socket and you'll know why
these request have been denied.
You can also give a try to the 'option accept-invalid-request' to tell
haproxy be less sensitive on HTTP checking...
Baptiste
On Sat, Mar 29, 2014 at
thing :)
I'm recycling HAProxy's flexibility to do it.
Authentication will be done outside of HAProxy.
I let Willy answer about modules ;)
But expect a negative answer here!
Baptiste
ion, etc...
So just keep on reporting me features you would like in such daemon
and who knows, you may have some surprise...
Baptiste
On Tue, Mar 18, 2014 at 4:16 PM, Patrick Hemmer wrote:
> I'm assuming it'll be generic authentication. What information will be made
&g
On Tue, Mar 18, 2014 at 4:14 PM, Steven Le Roux wrote:
> Hi Baptiste,
>
> Your "third party daemon interacting deeply with HAProxy" whets my curiosity
> :)
>
> Do you think this way could be used to provide an API to haproxy ?
> (e.g. dynamicaly provision a server
ill a lot of work to do on this project and HAProxy needs some
patches as well, so I can't say more for now.
Just stay tuned, I'll update the ML once done :)
That said, if you have some requirements, this is the moment :)
Baptiste
On Tue, Mar 18, 2014 at 2:04 PM, Roel Cuppen wrote
Hi Roel,
Let say there are currently some developments in that way.
It won't be part of HAProxy, but rather a third party daemon
interacting deeply with HAProxy.
What do you mean by OTP?
Baptiste
On Mon, Mar 17, 2014 at 9:43 PM, Roel Cuppen wrote:
> Hi,
>
> I would like to
Hi Julien
With HAProxy 1.5, you can change the log severity using http-request rules:
http-request set-log-level notice if request-too-big
Then you can easily divert notice logs into a dedicated file in your
syslog server.
My 2 cents.
Baptiste
On Thu, Mar 13, 2014 at 4:23 AM, Julien Vehent
It would be easier to help you if you share your configuration!
Baptiste
On Wed, Mar 12, 2014 at 1:36 AM, Patrick Hemmer wrote:
> 2 related questions:
>
> I'm trying to find a way to concat multiple samples to use in a stick table.
> Basically in my frontend I pattern match on
Hi,
Not doable in 1.4.
In 1.5, a http-request could do the trick:
http-request set-header X-Real-IP %[src]
Just play with ACLs to set it when you need.
Baptiste
On Mon, Mar 10, 2014 at 12:09 PM, r0m5 wrote:
> Hi,
>
> I am using haproxy package from debian Wheezy backports (1.4.24-
Hi Xie,
You can load-balance your HAProxy servers using basic layer 4
load-balancers, like LVS.
Otherwise, you could use as well ECMP protocol at your network layer.
Baptiste
On Fri, Dec 6, 2013 at 5:41 PM, Xie Qingshan wrote:
> Godbach,
> Thanks for your quick reply and sugge
Hi Jim,
Thanks a lot for the feedback.
I know nginx devs are now working on an official patch:
https://twitter.com/mdounin/status/441705983581372417
Baptiste
On Sun, Mar 9, 2014 at 2:30 AM, Jim Howell wrote:
> Baptiste writes:
>
>
>> Please try it and report any issue / bug
f one server is answering at 1s per request while the other one at
1ms in a farm of 2 servers, then server 2 will process 1000 more
requests per second than server 1 thanks to leastconn...
This is what you want.
Baptiste
On Fri, Mar 7, 2014 at 10:08 AM, Dmitry Sivachenko wrote:
>
> On 07
Hi Dave,
Could you please enable logging in HAProxy and report here log lines
corresponding to 502 errors?
502 could be sent by HAProxy for many reasons.
Baptiste
On Thu, Mar 6, 2014 at 3:59 PM, Dave wrote:
> Hello,
> What could be causing ereq counts to go up on the frontend stats fiel
I also setup leastconn on stateless web application servers.
So "the fastest" answers.
Baptiste
On Thu, Mar 6, 2014 at 8:24 AM, Willy Tarreau wrote:
> Hi Malcolm,
>
> On Tue, Mar 04, 2014 at 08:43:47PM +, Malcolm Turnbull wrote:
>> Willy,
>>
>&
Amol,
The second log lines clearly shows that your application server is
redirecting your user :)
Baptiste
On Thu, Mar 6, 2014 at 4:53 AM, Amol wrote:
> so after looking at haproxy logs i noticed 2 things
>
> if i type www.xx.com there is 1 log entry
>
> haproxy[26387]: xx.11.1
Hi Manuel,
Not for now in HAProxy.
Baptiste
On Wed, Mar 5, 2014 at 11:57 PM, Manuel de Brito Fontes
wrote:
> It's possible to redirect this www.domain.com/demo(.*) to demo.domain.com\1
> without using url_beg for each case?
> Thanks
Hi Steve,
run HAProxy in debug mode and compare the request received and the
request sent and you'll know if you have an error.
At first sight, your rule looks correct.
Baptiste
On Thu, Mar 6, 2014 at 10:42 PM, Steve Phillips wrote:
> Haven't gotten a response on this...tryin
Hi Fred,
HAProxy is not aware of the packet level. It is the role of the kernel.
So collect this information from your kernel.
Baptiste
On Mon, Mar 3, 2014 at 2:07 AM, Fred Pedrisa wrote:
> Hi !
>
> It doesn't have this information (packets per second based in source
> add
I'm proposing roundrobin because it seems leastconn have side effects
in you case.
But we'll have a more accurate idea with the stats from the screenshot.
Baptiste
On Sat, Mar 1, 2014 at 6:36 PM, vijeesh vijayan
wrote:
> Thanks. will share screenshot shortly. roundrobin recommen
Hi
More chance to get an answer from Apache 2.2 and wordpress people...
Baptiste
On Fri, Feb 28, 2014 at 4:12 PM, Amol wrote:
> well the application behind haproxy in this case is wordpress on apache2.2,
> any settings there?
>
>
>
>
> On Friday, February 28, 2014 4:5
Hi Fred,
HAProxy already report this on its stats page: http://demo.1wt.eu/
Baptiste
On Sat, Mar 1, 2014 at 4:44 AM, Fred Pedrisa wrote:
> Hello, Guys !
>
>
>
> I would like to know if there is a possibility to add a conter for the
> number of packets/requests/streams per
yntax with reqirep and it does not work ;)
Baptiste
On Fri, Feb 28, 2014 at 12:35 PM, Philipp
wrote:
> Hi,
>
> current functional setup:
> frontend f
> acl ssfc_dev hdr(host) -m str dev.example.com
> acl ssfc_img hdr(host) -m str img.example.com
> [..]
> reqrep ^GET[\ \t]*/(.*
Hi,
and where is your problem exactly?
Baptiste
On Tue, Feb 25, 2014 at 7:39 AM, anup katariya wrote:
> Hi,
>
> I wanted to inspect incoming tcp request. I wanted to something like below
>
> payload(0, 100) match with string like 49=ABC.
>
> Thanks,
> Anup
>
>
>
Hi Phil,
Let say soon :)
Sooner that ever!
We've never been so close to 1.5
It is a question of a very few weeks.
At haproxy Tech (haproxy.com) we use it in our appliances for a long
time, it is stable enough.
Baptiste
On Wed, Feb 26, 2014 at 5:58 AM, Phil Ayres wrote:
> I'
It may not fix the issue.
But at least the configuration will do what you expect from it...
That said, the issue may be in the application too :)
It is commonly seen that applications don't behave properly when SSL
offloading is enabled in front of them.
Baptiste
On Thu, Feb 27, 2014 at
Hi,
You can also move the mouse on the number itself.
A tooltip will be printed with some details.
Baptiste
On Thu, Feb 27, 2014 at 8:26 PM, Lukas Tribus wrote:
> Hi.
>
>
>> Hello,I have installed haproxy 1.4.23 on Cnetos 6.3 .And I can see
>> the haproxy stats throug
give a try to 'balance roundrobin' and see what happens.
Baptiste
On Fri, Feb 28, 2014 at 9:41 AM, vijeesh vijayan
wrote:
> we are using haproxy (1.4)to distribute traffic to 30 of our db nodes.
> we are facing an issue with weights.
>
> sample configs
>
>
801 - 900 of 1624 matches
Mail list logo