I missed a config line from Haproxy.conf in my previous reply:
Frontend ldaps
tcp-request content capture ssl_fc_sni len 25
On 11/23/21, 1:57 AM, "Jarno Huuskonen" wrote:
Hi,
On 11/22/21 16:33, Ben Hart wrote:
> Hey there! I’ve got a handful of Haproxy ser
ted header server name so that's a big
bonus. But I wonder if I'm still not getting everything.
Attached is a revised haproxy.cfg, I look forward to your advice and
suggestions.
Thanks!
On 11/23/21, 1:57 AM, "Jarno Huuskonen" wrote:
Hi,
On 11/22/21 16:33, Ben Hart wr
appropriate log options
or formats setup to determine that.
Attached is my sanitized haproxy.cfg
Please don’t hesitate to ask me for more info 😊
Thanks!!
Ben
global
log /dev/loglocal0
log /dev/loglocal1 notice
# log 127.0.0.1 local1
chroot /var/lib/haproxy
ht be misunderstanding
how this part of Haproxy works fundamentally...
On 11/3/21, 4:49 AM, "Lukas Tribus" wrote:
Hello Ben,
On Wed, 3 Nov 2021 at 03:54, Ben Hart wrote:
>
> I wonder, can I ask if the server directives are correct insofar as
> making a s
Tribus" wrote:
Hello,
On Tue, 2 Nov 2021 at 21:24, Ben Hart wrote:
>
> In the config (pasted here
>
https://0bin.net/paste/1aOh1F4y#qStfT0m0mER3rhI3DonDbCsr0NRmVuH9XiwvagEkAiE)
> My questions surround the syntax of the config file..
Most likely those
can’t find a ton of info on Haproxy with SNI and
LDAPS so I question if my config is correct.
Thanks!
[Jamf]
Ben Hart
IT Systems Administrator
100 Washington Ave S, Minneapolis, MN 55401
[Phone]
+00 1 989 424 0187
[Email]
ben.h...@jamf.com
[Web]
www.jamf.com<https://www.jamf.com>
[Fa
Hello,
I want to know if HAProxy works with MS Exchange 2016 and client Outlook
Anywhere.
The client Outlook Anywhere use MAPI over HTTPS protocol.
I don't found any informations about this on the web.
Regards,
Issam BEN REJEB
o get
the fix out there as soon as we can.
Thanks,
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +44 1183 287152
E: b...@51degrees.com<mailto:b...@51degrees.com?subject=Your%20Email>
[https://51degrees.com/portals/0/images/twitterbird.png]
@51Degrees<http://twitt
the other change.
Thanks,
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +44 1183 287152
E: b...@51degrees.com<mailto:b...@51degrees.com?subject=Your%20Email>
[https://51degrees.com/portals/0/images/twitterbird.png]
@51Degrees<http://twitter.com/51Degreesmobi>
[htt
Hi Willy,
Great, thanks.
Yeah that makes total sense. Don't want warnings that can't be solved.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: 13 June 2019 17:06
To: Be
uot;(dummy library)" to the output of
REGISTER_BUILD_OPTS macro.
I thought about pushing a warning when the dummy library is used just to be
super obvious. Don't know what you think of that?
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Origin
Thanks both,
Ilya, I will take a look at that now.
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +44 1183 287152
E: b...@51degrees.com<mailto:b...@51degrees.com?subject=Your%20Email>
[https://51degrees.com/portals/0/images/twitterbird.png]
@51Degrees<htt
Hi Willy,
Yes, I agree the paths in the dummy library should match that of the actual
library. And yes, that patch is good with me.
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent
in order to make use of the efficiency of Trie.
Regards,
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +44 1183 287152
E: b...@51degrees.com<mailto:b...@51degrees.com?subject=Your%20Email>
[https://51degrees.com/portals/0/images/twitterbird.png]
@51Degrees<htt
://51degrees.com/Support/Documentation/APIs/C-V32/Benchmarks
If you need any more information, or help setting up, do let me know.
Regards,
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +44 1183 287152
E: b...@51degrees.com<mailto:b...@51degrees.com?subject=Your%20Emai
if this gets you up and running.
Regards,
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +44 1183 287152
E: b...@51degrees.com<mailto:b...@51degrees.com?subject=Your%20Email>
[https://51degrees.com/portals/0/images/twitterbird.png]
@51Degrees<http://twitter.co
Hi Willy,
Great, thanks for those changes, and good spot.
I agree that this is a significant step forward, and having the entire codebase
testable in CI will certainly make everything that bit smoother.
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
can I'll try to make sure you
have everything you need for a weekend release.
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: 12 June 2019 10:12
To: Ben Shillito
Cc: Christop
Hi Willy,
This unfortunately fell down our list of priorities in the last few weeks.
However, as this is a bit more urgent now with your weekend release, I will get
the change for HTX awareness to you either today or tomorrow if that is ok with
you?
Thanks,
Ben Shillito
Developer
O: +44 1183
Hi Willy,
Thanks for the update. We will take a look and get a patch over to you.
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: 23 April 2019 10:11
To: Paul Stephen Borile
Cc
Hash
Trie API.
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: 21 January 2019 16:48
To: Ben Shillito
Cc: haproxy@formilux.org
Subject: Re: Does anyone *really* use 51d or WURFL ?
On
Hi Willy,
Ah yes, thanks, I missed the S first time reading it.
There are actually a couple of things I'd like to check over a bit more
thoroughly like the caching used in 51d.c, so it will probably be more like
tomorrow.
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
Hi Willy,
I agree, setting the flag from the HAProxy USE_THREADS is probably the neatest
solution.
I will get a patch over to you later on today.
Thanks,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w
o the 51Degrees default, and give the
option to disable threading for those who require that.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: 21 January 2019 14:36
To: haproxy@formilux.org
Su
Hi Willy,
Great, thanks for the quick turnaround.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: 16 January 2019 16:27
To: Ben Shillito
Cc: haproxy@formilux.org
Subject: Re
Hi Willy,
It appears that 51.d still uses some elements of the the now deprecated buffer
API, so I have attached a patch which updates the usage to the new buffer API.
This can also be backported to 1.9 where the new API was introduced.
Thanks,
Ben Shillito
Developer
[51Degrees]<ht
>
Good catch, done.
> Just fix this and you get my Ack :)
> And thanks for your patience and your retransmits.
>
No problem, thanks for reviewing! Hopefully you guys get a break soon. Les
vacances se rapprochent.. :)
Ben
0001-MINOR-config-Implement-parse-resolv-conf-directive.patch
Description: Binary data
ion of this
> patch?
>
> Baptiste
>
>
> On Thu, May 24, 2018 at 5:02 PM, Ben Draut wrote:
>
>> Willy, I think you've reviewed this one already. :) I fixed a few
>> things after your review, then you said you just wanted to wait
>> for Baptiste to ACK back on
add to the pile!) My understanding was that we're just
waiting for him.
Thanks,
Ben
On Thu, May 24, 2018 at 8:58 AM, Willy Tarreau wrote:
> Hi Jim,
>
> On Thu, May 24, 2018 at 08:50:29AM -0600, Jim Freeman wrote:
> > I'm not seeing any signs of this feature sliding into 1.
>
> > I also fixed the memory leaks that you pointed out. (I think) But I did
> > notice that
> > valgrind reports that the 'newnameserver' allocation is being leaked
> > anyway, both
> > when using parse-resolv-conf as well as the regular nameserver
> > directive...Let
> > me know if I should do s
e you don't need to run this check on a read-only file, as it
> cannot fail, and if it really did, the user couldn't do anything about
> it anyway.
>
Great, removed.
I also fixed the memory leaks that you pointed out. (I think) But I did
notice that
valgrind reports that the
r's address as its name in the
resolvers section, as I thought that would have the highest probability of
avoiding name conflicts with other configured nameservers. Again I'm open
to feedback though.
Thanks!
Ben
From 98129271f32e6b9bc00880c967f9acf1233fed9b Mon Sep 17 00:00:00 2001
From: Be
Yep, will do.
On Tue, Apr 17, 2018 at 8:04 AM, Baptiste wrote:
>
> On Sat, Apr 14, 2018 at 5:39 AM, Jonathan Matthews <
> cont...@jpluscplusm.com> wrote:
>
>> On 14 April 2018 at 05:13, Willy Tarreau wrote:
>> > On Fri, Apr 13, 2018 at 03:48:19PM -0600, Ben Dr
This implements a simple warning for 'resolvers' sections that have no
nameservers.
Previously discussed here:
https://www.mail-archive.com/haproxy@formilux.org/msg29600.html
Thanks,
Ben
From fc6a36dabec89eef0eba13146cecbf157f0675b9 Mon Sep 17 00:00:00 2001
From: Ben Draut
Date: F
ews wrote:
> > On Fri, 13 Apr 2018 at 15:09, Willy Tarreau wrote:
> >
> > > On Fri, Apr 13, 2018 at 08:01:13AM -0600, Ben Draut wrote:
> > > > How about this:
> > > >
> > > > * New directive: 'use_system_nameservers'
> > &
2018 at 3:12 PM, Ben Draut wrote:
> I agree.
>
> On Mon, Apr 9, 2018 at 1:35 AM, Baptiste wrote:
>
>>
>>
>> On Fri, Apr 6, 2018 at 4:54 PM, Willy Tarreau wrote:
>>
>>> On Fri, Apr 06, 2018 at 04:50:54PM +0200, Lukas Tribus wrote:
>>> > &g
On Thu, Apr 12, 2018 at 3:06 PM, Willy Tarreau wrote:
> Hi Ben,
>
> On Thu, Apr 12, 2018 at 02:25:58PM -0600, Ben Draut wrote:
> > This changes the parser to run section postparsers once per section
> > instance, rather than only when the section type changes.
> >
&
summary at most once
per section.
Thanks,
Ben
0001-REORG-MINOR-config-Run-postparser-once-per-section-i.patch
Description: Binary data
xy/search?q=unspecified+dns+error
>
> We're expecting/testing to see if bind9's "no-case-compress { any; }"
> directive
> addresses this, but many folks do not control their DNS services (and as
> requisite
> AWS/Route53 capabilities mature, neither will we).
>
&
I agree.
On Mon, Apr 9, 2018 at 1:35 AM, Baptiste wrote:
>
>
> On Fri, Apr 6, 2018 at 4:54 PM, Willy Tarreau wrote:
>
>> On Fri, Apr 06, 2018 at 04:50:54PM +0200, Lukas Tribus wrote:
>> > > Well, sometimes when you're debugging a configuration, it's nice to be
>> > > able to disable some elemen
It's interesting that the default behavior of HAProxy resolvers can
conflict with the default behavior of bind. (If you're unlucky with
whatever bind has cached)
By default, bind uses case-insensitive compression, which can cause it to
use a different case in the ANSWER than in the QUESTION. (See
ified in the section. As Jim pointed out previously, libresolv could be
used
to parse the file. If that's undesirable for some reason, we could parse it
ourselves.
I'm new to the codebase, so I'm open to any suggestions or guidance anyone
may have.
Thanks,
Ben
grees/device-detection
should be used for the new Hash Trie source.
Apologies for any confusion.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy TARREAU [mailto:wtarr...@haproxy.com]
Sent: 05 October 2017 17:39
To
proven stable but frozen 3.2.10 version which
supports the Pattern algorithm".
Or, if it makes things easier for you, I can backport the trie/51Degrees.c/h
files to 3.2.10, meaning Trie can be used in that version (the Hash Trie files
we now distribute will be needed instead of the d
Hi Willy,
Yes of course. I have attached a patch which has the correct branch and updated
instructions about where to get the free Hash Trie file now that it is no
longer part of the git repository.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
ttps://51degrees.com/products/store/on-premise-device-detection.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Dragan Dosen [mailto:ddo...@haproxy.com]
Sent: 02 October 2017 10:14
To: haproxy@formilux.org
Cc: Willy Tarreau ; B
Hi Willy,
Thanks for the additional change.
And that's quite alright, if there is a problem with our API that is affecting
users live builds like this, then it will always be our top priority.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51De
URL which is referenced in the instructions, and 1.7/dev now
reference the 3.2.10 stable branch.
Regards,
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: 19 July 2017 10:59
To: Ben Shillito
nious way forward if we’ve made an innocent mistake?
Thanks,
Ben
Ben Shillito
Developer
O: +44 1183 287152
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Florian Tham [mailto:fgt...@gmail.com]
Sent: 19 July 2017 09:20
To: Willy Tarreau
Cc: James Rosewell ; Ben Shillito
I have attached a patch which adds definitions for the 51Degrees converter and
fetch functions to docs/configuration.txt so the they will appear in the online
documentation.
This should also be backported.
Thanks,
Ben.
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +4
Hi Willy,
Yes I agree, this is a problem.
I have attached a patch with a change to the readme which explains that that
the correct version must be pulled if using <=1.6.
Regards,
Ben.
Ben Shillito
Developer
E: b...@51degrees.com
T: @51Degrees
-Original Message-
From: Willy Tarr
. So
I’ll have to find a way to route properly without relying on SNI.
Really appreciate your input.
- Ben
On Fri, Jul 8, 2016 at 2:28 PM, Lukas Tribus wrote:
> Hi Ben,
>
>
>
> Am 08.07.2016 um 18:51 schrieb Ben Whaley:
>
>> Greetings,
>>
>> I have a scena
str()” together in a config?
Why does HAP set the SNI value if “ssl” is in the config, but does NOT set
the SNI value if ssl is not in the config?
Thanks in advance for any help & insights.
- Ben
Attached is a patch submission which makes changes to the 51Degrees Trie
implementation to work with recent changes to
github.com/51Degrees/Device-Detection/src/trie/51Degrees.c.
Ben Shillito
Developer
[51Degrees]<https://51degrees.com/>
O: +44 1183 287152
E: b...@51degrees.com<
Hi Willy, Bryan,
Thanks for looking at this and getting it fixed quickly.
Thanks,
Ben
On 26 May 2016 at 17:01, Willy Tarreau wrote:
> Hi Ben,
>
> On Wed, May 25, 2016 at 08:41:53AM +0100, Ben Cabot wrote:
>> Sorry I forgot include the build details. The configuration its self
&
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available filters :
[TRACE] trace
[COMP] compression
Ben
On 24 May 2016 at 23:59, Bryan Talbot wrote:
> The OP didn’t provide many details, but I am able to reproduce this too using
> 1.7-dev and the config files
(10937) : register section 'listen': already registered.
[ALERT] 144/113841 (10937) : Could not open configuration file
/etc/haproxy/haproxy_manual.cfg : Success
It looks to be introduced in 5e4261b0 but I'm unsure how to fix it.
Please can someone take a look.
Thanks,
Ben
to consider using a different reverse proxy solution
between the two ELB tiers instead of HA proxy. I apologize for any
inconvenience. I hope the above information was helpful. Please let us know
if you have any other questions or concerns and we will be happy to assist
you.
"
Regards,
--
stop
any undesired behaviour.
Attached is a suggested fix.
Regards,
Ben
From c4100ffc1bb530bbf1601bc92154d0e498eea111 Mon Sep 17 00:00:00 2001
From: Ben Cabot
Date: Wed, 20 Jan 2016 09:44:39 +
Subject: [PATCH] BUG/MINOR: Adding validation to stick-table expire value. If
the expire value exc
nging
to the upstream and stick with that one until reload?
Thanks!
--
Ben
Hi,
Attached is a patch with an edit to the information in the README regarding
51Degrees installation and configuration.
Ben.
This email and any attachments are confidential and may also be privileged. If
you are not the named recipient, please notify the sender immediately and do
not
Hi Steffen,
If I understand the question right to give your real servers internet
access you should be able to enable ip forwarding then use a masquerade
rule.
You can use "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE " then
"echo “1” > /proc/sys/net/ipv4/ip_forwar
Just noticed the changes have been backported to 1.6, that's great going.
Thanks Baptiste & Willy!
On 30 October 2015 at 14:52, Ben Tisdall wrote:
> On Fri, Oct 30, 2015 at 2:48 PM, Baptiste wrote:
>> On Fri, Oct 30, 2015 at 2:10 PM, Lukas Tribus wrote:
>>>> I s
he upstream and debian changelogs he seems pretty close
behind you folks though :)
--
Ben
On Thu, Oct 29, 2015 at 1:43 PM, Ben Tisdall wrote:
> Sorry, I'm misinterpreting the test results, please ignore that. One
> ELB address has remained the same today so it's likely HAProxy has
> been using that and has not needed to update.
Ok, finally observed some more ELB
On Thu, Oct 29, 2015 at 1:40 PM, Ben Tisdall wrote:
> Ok, testing with the latest
> 0001-BUG-MAJOR-dns-first-DNS-response-packet-not-matching.patch
> appears to work from the proxy POV but I'm not seeing the update
> counter incrementing on address changes.
Sorry, I'm mi
Ok, testing with the latest
0001-BUG-MAJOR-dns-first-DNS-response-packet-not-matching.patch
appears to work from the proxy POV but I'm not seeing the update
counter incrementing on address changes.
On Wed, Oct 28, 2015 at 6:28 PM, Ben Tisdall wrote:
> On Wed, Oct 28, 2015 at 6:00 PM, Baptiste wrote:
>>
>> Ben, could you apply the patch below instead of 0001:
>>
>> [snip]
That patch is proving problematic to apply, to save me guessing can
you provide it as an attachment please.
On Wed, Oct 28, 2015 at 6:00 PM, Baptiste wrote:
>
> Ben, could you apply the patch below instead of 0001:
>
> [snip]
Sure, will report back in the morning. Thanks Jesse and Baptiste :)
Ben
On Wed, Oct 28, 2015 at 4:29 PM, Baptiste wrote:
> Great, thanks for confirming!
>
Thanks for getting this sorted out Baptiste! Any idea of when the
fixes would be likely to be released and make it into the ppa?
--
Ben
pdate" counter incremented by 1 and the proxy
continued to function.
--
Ben
On Wed, Oct 28, 2015 at 1:55 PM, Baptiste wrote:
>
> Have you forced resolution to ipv4 only?
> if not, could you give it a try?
>
Right, with "resolver-prefer ipv4":
Resolvers section aws
nameserver aws_0:
sent: 11
valid: 11
update: 0
cname: 0
cname_error: 0
any_err: 0
nx: 0
t
On Wed, Oct 28, 2015 at 10:15 AM, Ben Tisdall wrote:
>
> Thanks Baptiste, will get on this today.
>
Ok this in the test environment now and the "other" counter now
increments in step with "valid", eg:
Resolvers section aws
nameserver aws_0:
sent: 208
vali
On Wed, Oct 28, 2015 at 2:18 AM, Baptiste wrote:
> Ben,
>
> I found a couple of bugs:
> #1 an incomplete end of processing when the queried hostname can't be
> found in the response. This lead to the query loop you may have
> observed.
> #2 an error in the way we parse C
th Lua version : Lua 5.3.1
Built with transparent proxy support using: IP_TRANSPARENT
IPV6_TRANSPARENT IP_FREEBIND
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Regards,
--
Ben
Sorry I'd not noticed that. Everything looks good now thank you Willy.
Ben
On 4 October 2015 at 09:41, Willy Tarreau wrote:
> Resending after some mails were lost du to low space on device...
>
> On Fri, Oct 02, 2015 at 11:15:35PM +0200, Willy Tarreau wrote:
> > On Fri, O
Alert("Proxy '%s': '%s' does not have
a leading '/' and 'external-check path' is not set.\n",
curproxy->id, "external-check command");
cfgerr++;
}
Thanks,
Ben
--
LOADBALANCER.ORG LTD.
www.loadbalancer.org
supp...@loadbalancer.org
Hi All,
Has anyone been able to confirm this bug and the patch? I wanted to
confirm I had not missed any potential issues elsewhere?
Thank you,
Ben
On 4 September 2015 at 13:50, Ben Cabot wrote:
> We have been seeing the following error when trying to use the
> external-check command
option httplog
server RIP_Name 192.168.63.100 weight 100 cookie RIP_Name
check inter 4000 rise 2 fall 2 minconn 0 maxconn 0
on-marked-down shutdown-sessions
thanks,
Ben
--
LOADBALANCER.ORG LTD.
www.loadbalancer.org
supp...@loadbalancer.org
On Mon, May 11, 2015 at 3:47 PM, Nick Couchman
wrote:
> Thanks for the hints, Ben. I'll defer to those who are experts about
> whether or not something like that should be part of the core
> functionality; however, it seems that even though this case might not be a
> great on
Nick,
Here is some information on using socat to interact with the stats socket.
This might be useful for shell scripting.
http://www.mgoff.in/2010/07/14/haproxy-gathering-stats-using-socat/
Nick,
HAProxy provides statistics via socket or HTTP interface. You can easily
monitor these stats and run scripts. Some cron jobs and regex should
suffice. Specific cases like this are usually not something I would imagine
belongs in HAProxy core, since it is not directly related to load balancin
With some iptables rules you can use FTP active and passive mode via
haproxy.
The key is to assign unique passive port ranges to each backend then port
forward those ranges. You must be able to configure each FTP server daemon
with it's own range.
You must also be able to configure your FTP daemo
Hello Andrey,
As Maik has previously mentioned that patch will only work on the older
version. We have someone working on an updated patch but cannot supply an
ETA at the moment as there are a couple of other things in the queue before
it.
On 24 October 2014 12:59, Andrey Zakabluk wrote:
> Hi
orrect that epoll does not currently support busy polling, I
will add that to the documentation in the patch. I was thinking
something along the lines of:
As of now (Linux <= 3.16), epoll does not support busy polling. See
also "noepoll".
Thoughts?
-Ben
[1]: http://docs.aws.amazon.com/AW
the
busy_read sysctl value. In that case, should it set ERR_ALERT? Or is
there a more appropriate error flag?
> Are there some applications or poc's already using busy polling where we
> could take a look?
Unfortunately, I have not found any other projects that support busy
polling expl
y benchmarks
at this time. :-/
I look forward to everyones feedback on these changes.
Cheers,
-Ben
0001-MEDIUM-enable-low-latency-polling-on-systems-which-s.patch
Description: Binary data
OK, thanks for the pointers Willy.
On Thu, Aug 28, 2014 at 3:13 AM, Willy Tarreau wrote:
> Hi Ben,
>
> On Wed, Aug 27, 2014 at 06:03:54PM -0700, Ben Burkert wrote:
>> Hello,
>>
>> The 3.11 release of the Linux kernel added a new feature for low
>> latency networ
on a listener socket. I was thinking the socket option could be
enabled by setting a "busy_poll" keyword in the listen section. Is
there any interest in accepting patches for such a feature?
Cheers,
-Ben
My only feedback is that haproxy has a lot of features that make it useful
as a MySQL frontend. The stats are great for sizing and monitoring
purposes. Timeouts and queuing are also great for managing load etc. I used
to run haproxy in front of a single MySQL instance for those features alone
ala:
Baptiste gave you the proper answer already. The SSL backend is using TCP
mode, so the check is a TCP check without the `option httpchk` defined on
the backend, which just checks that the port is open. Add the httpchk
option without check-ssl and you will be all set. Or you can use track to
skip th
While this does not answer your question per se you can use the track
option to eliminate the duplicate check.
In other words, the SSL backend can track the checks done by the non-SSL
backend.
backend nginx-ssl
modetcp
balance leastconn
server app1
Read the manual about `rise` and `fall` parameters. These allow you to
control how many successive checks must pass or fail before the server
transitions up or down (rises / falls). The check interval is used as the
check timeout unless you specify a check timeout. See "timeout check" in
the manual
TCP mode load balancing would treat each TCP quad (source ip/source port,
dest ip/dest port), stream, or flow as a "session" or in other words, the
TCP stream is the basic unit of TCP load balancing.
You can enable the stats http interface and monitor that in your browser
for some useful metrics s
Hi All,
I've been looking into sending email alerts from HAProxy and have written a
short blog on what I found with a few a few simple examples :
http://blog.loadbalancer.org/3-ways-to-send-haproxy-health-check-email-alerts/
If anyone has any thoughts ,suggestions or improvements please let me kn
Alok,
Sorry have been out of the office for a while.
You could try increasing the clitimeout and srctimeout values in your
defaults section. These values are ninety and one hundred and twenty
seconds respectively. My guess is that tcpka has no effect on "activity"
from haproxy's point of view as
On Thu, Apr 18, 2013 at 3:38 PM, Alok Kumar wrote:
> Hi Ben,
> In my case we are load balancing across FTP servers.
>
> FTP uses two data channel and command channel port for data transfer.
>
I use haproxy for the same purpose. Closing the command channel will not
affect a tran
Alok,
On Tue, Apr 16, 2013 at 8:26 PM, Alok Kumar wrote:
> I have a HA Proxy server(1.4), thzt is load balacing FTP traffic to Six
> FTP
> servers.
>
> I noticed that Load Balancer is dropping traffic after 50 sec, where as
> there
> was a valid ftp control port and Large file transfer was in
I run about 50 FTP server clusters. Each cluster consists of 3 backend FTP
servers. I am using haproxy to load balance each of these clusters to three
backends. I am using smtpchk to verify the FTP banner. I run the HTTP admin
interface, which shows the status of all the front/backends.
Running ha
On Tue, Jan 22, 2013 at 9:57 AM, Olivier Desport
wrote:
> I use Haproxy with two web servers. The CSS are not well displayed (images,
> fonts...). The look of the page is different every time I refresh ! It works
> correctly when Haproxy is not used. Is there something to set up in haproxy
> or Ap
1 - 100 of 160 matches
Mail list logo