Hello,
On Tue, 20 Oct 2020 at 05:36, Dave Hall wrote:
> HAProxy Active/Standby pair using keepalived and a virtual IP.
> Load balance SSH connections to a group of user access systems (long-running
> Layer 4 connections).
> Using Fail2Ban to protect against password attacks, so using send-proxy-
ubject: IP binding and standby health-checks
Hello,
I'm new to this list and somewhat new to HAProxy. Before posting I scanned the
archives and found a thread from 2015 that seems to apply to my situation:
IP binding and standby health-checks
https://www.mail-archive.com/haproxy@f
Hello,
I'm new to this list and somewhat new to HAProxy. Before posting I
scanned the archives and found a thread from 2015 that seems to apply to
my situation:
IP binding and standby health-checks
https://www.mail-archive.com/haproxy@formilux.org/msg18728.html
The specifics of our
Hi Nathan,
The 'usesrc' keyword triggers this error. It needs root privileges.
(just checked in the source code)
Baptiste
On Thu, Jul 16, 2015 at 5:13 PM, Nathan Williams wrote:
> oh, i think this comment thread explains it:
> http://comments.gmane.org/gmane.comp.web.haproxy/20366. I'll see ab
oh, i think this comment thread explains it:
http://comments.gmane.org/gmane.comp.web.haproxy/20366. I'll see about
assigning
CAP_NET_ADMIN
On Wed, Jul 15, 2015 at 4:56 PM Nathan Williams
wrote:
> Hi Baptiste,
>
> Sorry for the delayed response, had some urgent things come up that
> required m
Hi Baptiste,
Sorry for the delayed response, had some urgent things come up that
required more immediate attention... thanks again for your continued
support.
> Why not using proxy-protocol between HAProxy and nginx?
Sounds interesting; I'd definitely heard of it before, but hadn't looked
into i
> As for details, it's advantageous for us for a couple of reasons... the
> realip module in nginx requires that you list "trusted" hosts which are
> permitted to set the X-Forwarded-For header before it will set the "source"
> address in the logs to the x-forwarded-for address. as a result, using
Hi Baptiste,
That's a fair question :) I understand it's a rather particular request,
it's just the first time we've really hit something that we weren't easily
able to address with haproxy (really marvelous software, thanks y'all), so
I figured we'd ask before accepting an inferior solution...
A
Nathan,
The question is: why do you want to use the VIP to get connected on
your backend server?
Please give a try to the following source line, instead of your current one:
source 0.0.0.0 usesrc 10.240.36.13
Baptiste
On Tue, Jul 14, 2015 at 9:06 PM, Nathan Williams wrote:
> OK, that did no
OK, that did not seem to work, so I think the correct interpretation of
that "addr" option must be as an override for what address/port to perform
the health-check *against* instead of from (which makes more sense in
context of it being a server option).
i was hoping for an option like "health-che
Hi Baptiste/Jarno,
Thanks so much for responding.
"addr" does indeed look like a promising option (though a strangely lacking
explanation in the docs, which explains what it makes possible while
leaving the reader to deduce what it actually does), thanks for pointing
that out.
Here's our config:
On Mon, Jul 13, 2015 at 6:03 PM, Nathan Williams wrote:
> Hi all,
>
> I'm hoping I can get some advice on how we can improve our failover setup.
>
> At present, we have an active-standby setup. Failover works really well, but
> on the standby, none of the backend servers are marked as "up" since h
Hi,
On Mon, Jul 13, Nathan Williams wrote:
> It seems like the easiest way to sort it out would be if the health-checks
> weren't also bound to the VIP so that the standby could complete them
> successfully. i do still want the proxied requests bound to the VIP though,
> forthe benefit of our back
Hi all,
I'm hoping I can get some advice on how we can improve our failover setup.
At present, we have an active-standby setup. Failover works really well,
but on the standby, none of the backend servers are marked as "up" since
haproxy is bound to the VIP that is currently on the active member (
14 matches
Mail list logo
