On Wed, 12 Jun 2024, at 13:04, Aleksandar Lazic wrote:
> Hi.
>
> Attached a new version with updated upstream-proxy.cfg.
>
> This Patch have also the feature `upstream-proxy-target` to get rid of the
> dependency for the srv->hostname.
>
> ```
> tcp-request content upstream-proxy-target www.test1.
On Tue, 11 Jun 2024, at 22:57, Aleksandar Lazic wrote:
> Hi Dave.
>
> Thank you for your test and feedback.
>
> When you put this line into backend, will this be better?
>
> ```
> tcp-request connection upstream-proxy-header HOST www.httpbun.com
> ```
>
> Regards
> Alex
Hi Alex,
Sorry I forgot to
On Mon, 10 Jun 2024, at 22:09, Aleksandar Lazic wrote:
> It is now possible to set via "tcp-request connection upstream-proxy-header"
> headers for the upstream proxy
>
> ```
> tcp-request connection upstream-proxy-header Host www.test1.com
> tcp-request connection upstream-proxy-header Proxy-Auth
On Thu, 6 Jun 2024, at 22:57, Aleksandar Lazic wrote:
> Hi.
>
> I was able to create a working setup with the attached patches, I'm
> pretty sure
> that the patch will need some adoptions until it' ready to commit to
> the dev branch.
>
> It would be nice to get some feedback.
Hi Alex,
This is
hi,
Can haproxy support following backend scenario?
- use HTTP CONNECT to establish a proxy connection
- send custom HTTP header with the CONNECT method
- then switch to tunnel mode to allow custom TLS protocol through
I've not found anything really useful in RFC7231 whether this
is a common sce
> On Wed, Sep 07, 2022 at 09:04:44PM +0000, Dave Cottlehuber wrote:
>> hi,
>>
>> I'm working towards dumping a list of top N http requesters via a
>> lua-driven HTTP response, from a peer synced table.
>>
>> The first stage is to dump without peers.
hi,
I'm working towards dumping a list of top N http requesters via a
lua-driven HTTP response, from a peer synced table.
The first stage is to dump without peers. I have found the stick table
object, but can't call any of the info, dump, or lookup methods on it.
Using this example[0] from the b
I'd like to capture & mirror HTTP traffic for a few days, to
capture some truly representative load generating traffic.
https://www.haproxy.com/blog/haproxy-traffic-mirroring-for-real-world-testing/
There seem to be a few general options:
- use spoe & spoa-mirror
- some bpf/tcpdump powered captu
On Tue, 31 Mar 2020, at 07:53, Aleksandar Lazic wrote:
> Hi Dave.
>
> On 31.03.20 09:24, Dave Cottlehuber wrote:
> > hi all,
> >
> > Our main haproxy.conf has practically become sentient... it's reached the
> > point where the number of url redirects and si
hi all,
Our main haproxy.conf has practically become sentient... it's reached the
point where the number of url redirects and similar incantations is very
hard to reason about, and certainly not test or validate, until it's
shipped. In fact I deploy to a "B" cluster node, and verify most changes
o
On Thu, 15 Nov 2018, at 14:49, Christopher Faulet wrote:
> Le 15/11/2018 à 11:14, Dave Cottlehuber a écrit :
> > bonjour list,
> >
> > In comparison to 1.8 (and probably 1.9b5 but I can't verify that at
> > present) the 301 redirect seems to be handled differentl
bonjour list,
In comparison to 1.8 (and probably 1.9b5 but I can't verify that at present)
the 301 redirect seems to be handled differently. Initially I thought this was
an HTTP2 issue but it 's reproducible on HTTP/1.1 as well.
curl --http1.1 -4vsSLo /dev/null https://logs.example.com/ > h11_
On Sat, 29 Sep 2018, at 00:31, Aleksandar Lazic wrote:
> Hi.
>
> Have anyone used this server in production setup behind haproxy?
>
> https://h2o.examp1e.net/
Yes for the last 2 years at least. but from a pure speed and http2
perspective you’re best off running them beside each other. It’s
solid w
On Mon, 17 Sep 2018, at 13:04, Damen Barker wrote:
> Hi There
>
> We are running 1.6, the issue we are facing is that my backend servers
> are seeing the incoming IP address of the HAProxy server and not the
> client IP address and our application needs to see this. Please see
> below our configura
I've been taking HTTP/2 for a spin, using a phoenix[1] app with websockets. The
basic "does it connect" works very well already (thank-you!) but I'm not sure
if it's possible to enable per-frame compression within websockets or not -- or
even intended?
My use case is to reduce the size of JSON
Hi,
I'm using haproxy to handle TLS termination to a 3rd party API that requires
authentication (username/password) to be passed as query parameters to a GET
call.
I want to log the request as usual, just not all the query parameters.
Obviously for a POST the parameters would not be logged at
On Fri, 2 Mar 2018, at 01:40, Lukas Tribus wrote:
> On 2 March 2018 at 01:09, Dave Cottlehuber wrote:
> > I have 2 TLS cert bundles that I'd like to serve off haproxy, using a
> > single IP. Both certs have multiple SANs in them.
>
> Yes. You don't need TCP mode
I have 2 TLS cert bundles that I'd like to serve off haproxy, using a single
IP. Both certs have multiple SANs in them.
- our main production site: api,beta,www.example.com using EV cert
- a lets-encrypt cert bundle for old DNS names that we only need to redirect
https: back to the main site
I
On Wed, 7 Jun 2017, at 10:42, David King wrote:
> Just to close the loop on this, last night was the time at which we were
> expecting the next hang. All of the servers we updated haproxy to the
> patched versions did not hang. The test servers which were running the
> older version hung as expecte
On Wed, 5 Apr 2017, at 01:34, Lukas Tribus wrote:
> Hello,
>
>
> Am 05.04.2017 um 00:27 schrieb David King:
> > Hi Dave
> >
> > Thanks for the info, So interestingly we had the crash at exactly the
> > same time, so we are 3 for 3 on that
> >
> > The setups sounds very similar, but given we all
On Mon, 13 Mar 2017, at 13:31, David King wrote:
> Hi All
>
> Apologies for the delay in response, i've been out of the country for the
> last week
>
> Mark, my gut feeling is that is network related in someway, so thought we
> could compare the networking setup of our systems
>
> You mentioned
On Wed, 15 Mar 2017, at 12:02, Willy Tarreau wrote:
> Hi Cyril!
>
> On Wed, Mar 15, 2017 at 11:48:01AM +0100, Cyril Bonté wrote:
> > As a reminder (to me), I sent a patch in december (just before the 1.7.0
> > release), which immediately closes the HTTP keep-alived connections.
> > Currently, duri
On Tue, 28 Feb 2017, at 06:24, Mark S wrote:
> Hi Folks,
>
> This is a strange one and I haven't yet been able to duplicate. But I
> wanted to report the description of what did happen in case it was either
> a known issue or one that would seem likely based on the code.
>
> The servers in qu
On Fri, 10 Feb 2017, at 16:21, Piotr Kubaj wrote:
> Please try the corrected patches. Before Haproxy was kind of unstable.
> Now it seems to work fine. I also changed tests for defined
> LIBRESSL_VERSION_NUMBER to testing LibreSSL version to keep the older
> versions working.
>
> On 17-02-10 13:48
nt at the moment for the project but I am
> trying to Implement it and all suggestions are welcome.
>
>
> regards,
> Thilina Manamgoda
—
Dave Cottlehuber
+43 67 67 22 44 78
Managing Director
Skunkwerks, GmbH
http://skunkwerks.at/
ATU70126204
Firmenbuch 410811i
> > Am 16.11.2016 um 15:39 schrieb Willy Tarreau:
> > >
> > > Same here. What is annoying is that every time it appears, it's protected
> > > by a #if OPENSSL_VERSION_NUMBER >= 1.1.0 so that means that LibreSSL is
> > > spoofing OpenSSL version numbers without providing compatibility. If so,
> > >
Hi there
I'm running into a build failure for 1.7-dev6 with LibreSSL on FreeBSD
11.0-RELEASE-p3 amd64. I've no idea if this is a supported combo or not
but it does work with 1.6.9 very nicely already.
cc -Iinclude -Iebtree -Wall -O2 -pipe -fno-omit-frame-pointer
-fstack-protector -fno-strict-al
On Thu, 10 Nov 2016, at 13:53, Malcolm Turnbull wrote:
> Georg,
>
> That's a timely reminder thanks:
> I just had another chat with Simon Horman who has kindly offered to
> take a look at this again.
Sounds great!
I'm very interested in logging this continually via chrooted unix
socket,
into bot
28 matches
Mail list logo