967195
1575948214.857219 [01] <1> write_frame_cb
1575948214.857648 [01] <1> Frame of 31 bytes send
Testing with Haproxy 2.0.10 but same result with 1.8.23. The versions of
ModSecurity is 2.9.2 and the OWASP rules v3.0.2
What am I doing wrong? Can anyone provide a request that should confirm if
the module is working or not from or share the experience from their own
setup?
Thanks,
Igor
Hi,
On Tue, Dec 17, 2019 at 2:55 AM Olivier D wrote:
> Hello,
>
> I found what was wrong : I was using "load-server-state-from-file" and
> previous config file was using port 80 as server port.
> It seems using this instruction loads previous server state but also
> previous srv_port.
> Is this
Hi Joao,
On Sat, Dec 14, 2019 at 11:30 PM Joao Morais wrote:
>
>
> > Em 13 de dez de 2019, à(s) 10:09, Christopher Faulet <
> cfau...@haproxy.com> escreveu:
> >
> > Le 10/12/2019 à 05:24, Igor Cicimov a écrit :
> >>
> >> Testing with Haproxy 2.
Hi Olivier,
On Tue, Dec 17, 2019 at 7:20 PM Olivier D wrote:
> Hello Igor,
>
>
> Le lun. 16 déc. 2019 à 23:41, Igor Cicimov
> a écrit :
>
>> Hi,
>>
>> On Tue, Dec 17, 2019 at 2:55 AM Olivier D wrote:
>>
>>> Hello,
>>>
>>> I
xactly the same backend
working fine with frontend in TCP mode using "ssl_sni" like so:
frontend fe_https_tcp
bind *:8443
mode tcp
option tcplog
tcp-request connection reject if !{ src -f /etc/haproxy/whitelist.lst }
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }
use_backend host.mydomain.com if { req.ssl_sni -i host.mydomain.com }
Thanks,
Igor
Hi Christopher,
On Wed, Jan 29, 2020 at 7:58 PM Christopher Faulet
wrote:
> Le 29/01/2020 à 05:14, Igor Cicimov a écrit :
> > Hi all,
> >
> > I'm asking this question here since I read in the docs that if I see
> "Ixxx" in
> > the session "ter
Hi,
I was testing haproxy 1.8 from the ppa repository and noticed it is not
build with alpn support so just wonder why?
Thanks,
Igor
ules are available.
Distributor ID:Ubuntu
Description:Ubuntu 14.04.5 LTS
Release:14.04
Codename:trusty
On Fri, Jan 26, 2018 at 12:39 AM, Lukas Tribus wrote:
> Hello,
>
> On 25 January 2018 at 13:26, Igor Cicimov
> wrote:
> > Hi,
> >
> > I was testing ha
Hi Lukas,
On Fri, Jan 26, 2018 at 1:04 AM, Lukas Tribus wrote:
> Hello,
>
>
> On 25 January 2018 at 14:53, Igor Cicimov
> wrote:
> >
> > Hi,
> >
> > The info below, that openssl version fort he build is little bit oldish
> isn't it?
> &g
On Fri, Jan 26, 2018 at 1:22 AM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
> Hi Lukas,
>
> On Fri, Jan 26, 2018 at 1:04 AM, Lukas Tribus wrote:
>
>> Hello,
>>
>>
>> On 25 January 2018 at 14:53, Igor Cicimov
>> wrote:
>> >
>
Hi Pieter,
On Thu, Jan 25, 2018 at 3:15 AM, Pieter Vogelaar
wrote:
> I have the following configuration:
>
>
>
>
>
> frontend default-tcp
>
> bind 192.168.52.12:5044
>
> bind 192.168.52.12:
>
> bind 192.168.52.12:5556
>
> bind 192.168.52.12:5672
>
> bind 192.168.52.13:5672
>
> mo
On Fri, Jan 26, 2018 at 2:36 AM, Pieter Vogelaar
wrote:
> It’s TCP layer 4 load balancing, so the HTTP hdr(host) won’t work.
>
>
>
>
>
> Best regards,
>
> Pieter Vogelaar
>
>
>
> *Van: *Igor Cicimov
> *Datum: *donderdag 25 januari 2018 om 16:33
Hi Willy,
On Fri, Jan 26, 2018 at 3:47 PM, Willy Tarreau wrote:
> On Fri, Jan 26, 2018 at 01:26:35AM +1100, Igor Cicimov wrote:
> > Or you meant using the haproxy 16.04 image actually. Ok, another option
> is
> > to compile it myself with the openssl version I have atm.
>
Hi Willy,
On Fri, Jan 26, 2018 at 6:21 PM, Willy Tarreau wrote:
> Hi Igor,
>
> On Fri, Jan 26, 2018 at 05:07:10PM +1100, Igor Cicimov wrote:
> > Hi Willy,
> >
> > On Fri, Jan 26, 2018 at 3:47 PM, Willy Tarreau wrote:
> >
> > > On Fri, Jan 26, 20
On Fri, Jan 26, 2018 at 2:28 PM, TomK wrote:
> Hey All,
>
> We have UCARP and HAproxy configured and setup between two servers.
> HAproxy is bound to the UCARP VIP between the nodes. There are four
> services per hoer: four on SRV1 (primary) and same four apps on SRV2
> (secondary) We need activ
On 27 Jan 2018 4:44 pm, "TomK" wrote:
On 1/26/2018 7:49 PM, Igor Cicimov wrote:
>
> On Fri, Jan 26, 2018 at 2:28 PM, TomK tomk...@mdevsys.com>> wrote:
>
> Hey All,
>
> We have UCARP and HAproxy configured and setup between two servers.
> HApr
On Wed, Jan 31, 2018 at 1:41 PM, 龙红波 wrote:
> *hi all,*
> *recently we are ready to upgrade to haproxy 1.8,however, when testing
> HTTP2, we found a drop in performance,below is the test scenario:*
> * haproxy version:*
>
> HA-Proxy version 1.8.3-205f675 2017/12/30
> Copyright 2
On Sat, Feb 3, 2018 at 6:02 PM, wrote:
> I need to set up haproxy 1.8.3 as a loadbalancer for several nginx
> webservers (1.13.x). The haproxy will be set up to support h2 connections.
> I am undecided if it is a good idea to setup nginx for h2 also. I
> understand that haproxy will be able to ta
On Mon, Feb 5, 2018 at 12:12 AM, Aleksandar Lazic
wrote:
> Hi.
>
>
> Am 03-02-2018 10:25, schrieb Igor Cicimov:
>
> On Sat, Feb 3, 2018 at 6:02 PM, wrote:
>>
>> I need to set up haproxy 1.8.3 as a loadbalancer for several nginx
>>> webservers (1.13.x). T
On 6 Feb 2018 4:38 am, "Kai Timmer" wrote:
Hello,
I recently tried to update from v1.6.14 to v1.8.3 but experienced a lot of
problems with it.
I do hope that I made mistake in my configuration that works in 1.6 but
blows up my system up in 1.8. So I'm going to describe my setup/workload
and hope
bytes
> Max address space unlimitedunlimitedbytes
> Max file locksunlimitedunlimitedlocks
> Max pending signals 3140131401signals
> Max msgqueue size 819200
Hi Willy,
On Fri, Feb 9, 2018 at 1:16 AM, Willy Tarreau wrote:
Fred plans to bring SSL support to the peers among
> other things, and is working on a regression testing suite (yeah!).
Does this mean it will be possible to share the sessions tickets between
the peers?
I doing wrong?
Thanks,
Igor
On Wed, Feb 28, 2018 at 3:28 PM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
> Hi all,
>
> I have haproxy 1.7.10-1ppa1~xenial installed on Ubuntu-16.04 and
> struggling to enable rsyslog-ing for the service.
>
> I have rsyslog running and the following haproxy r
On Wed, Feb 28, 2018 at 3:33 PM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
>
>
> On Wed, Feb 28, 2018 at 3:28 PM, Igor Cicimov com> wrote:
>
>> Hi all,
>>
>> I have haproxy 1.7.10-1ppa1~xenial installed on Ubuntu-16.04 and
>> struggling t
Hi Vincent,
On Wed, Feb 28, 2018 at 5:14 PM, Vincent Bernat wrote:
> ❦ 28 février 2018 15:50 +1100, Igor Cicimov com> :
>
> > Actually spoke too soon, still have an issue. One of the servers started
> > logging there but then stopped and on the other the file is sti
On Wed, Feb 28, 2018 at 5:51 PM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
> Hi Vincent,
>
> On Wed, Feb 28, 2018 at 5:14 PM, Vincent Bernat wrote:
>
>> ❦ 28 février 2018 15:50 +1100, Igor Cicimov <
>> ig...@encompasscorporation.com> :
>>
&g
Hi Vincent,
On Wed, Feb 28, 2018 at 6:18 PM, Vincent Bernat wrote:
> ❦ 28 février 2018 17:51 +1100, Igor Cicimov com> :
>
> >> > Actually spoke too soon, still have an issue. One of the servers
> started
> >> > logging there but then stopped and on
On Wed, Feb 28, 2018 at 9:28 PM, Vincent Bernat wrote:
> ❦ 28 février 2018 21:00 +1100, Igor Cicimov com> :
>
> > # ls -l /var/lib/haproxy/dev/log
> > srw-rw-rw- 1 root root 0 Feb 28 16:06 /var/lib/haproxy/dev/log
> >
> > # lsof -n -p $(pidof haproxy) | gre
On Thu, Mar 1, 2018 at 2:08 AM, Vincent Bernat wrote:
> ❦ 28 février 2018 22:14 +1100, Igor Cicimov com> :
>
> > Same, no logging:
> [...]
>
> Could you strace rsyslogd and check if it is receiving the messages?
Sure:
# pidof rsyslogd
4145
# strace -p 4145
strac
On Thu, Mar 1, 2018 at 5:08 PM, Vincent Bernat wrote:
> ❦ 1 mars 2018 09:53 +1100, Igor Cicimov > :
>
> >> > Same, no logging:
> >> [...]
> >>
> >> Could you strace rsyslogd and check if it is receiving the messages?
> >
> >
>
On Fri, Mar 2, 2018 at 5:49 PM, Vincent Bernat wrote:
> ❦ 2 mars 2018 09:49 +1100, Igor Cicimov > :
>
> > $ ls -l /var/log/haproxy.log
> > -rw-r- 1 syslog adm 48939 Mar 1 20:17 /var/log/haproxy.log
> >
> > and I'm sure this file was automatically c
Hello, does TFO on the server side now implemented?
On Wed, Jan 4, 2017 at 2:56 PM, Willy Tarreau wrote:
> On Tue, Jan 03, 2017 at 06:21:18PM +0100, Lukas Tribus wrote:
>> Hi Igor,
>>
>>
>> Am 16.12.2016 um 12:52 schrieb Igor Pav:
>> > Cool, even TLS 1
e problem I'm having is that you don't describe exactly what you're
> trying to achieve nor how you want to use that information about the
> broken stickiness, so it's very hard for me to try to figure a working
> solution. I propose
server name can help. It will have value of Server1 for
the first requests that have fell over to Server2 so checking the value
will tell you it came from different server.
>
> Best regards,
>
>
>
> Gisle
>
>
>
>
>
> *From: *Igor Cicimov
> *Date: *Thursday, 22 M
On Thu, Mar 22, 2018 at 10:42 PM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
> Hi,
>
> On Thu, Mar 22, 2018 at 6:24 PM, Gisle Grimen
> wrote:
>
>> Hi,
>>
>>
>>
>> Thank you for your response.
>>
>>
>>
>> To be
On Mon, 16 Apr 2018 6:09 pm Ayush Goyal wrote:
> Hi Moemen,
>
> Thanks for your response. But I think I need to clarify a few things here.
>
> On Mon, Apr 16, 2018 at 4:33 AM Moemen MHEDHBI
> wrote:
>
>> Hi
>>
>> On 12/04/2018 19:16, Ayush Goyal wrote:
>>
>> Hi,
>>
>> I have a question regarding
Hi,
On Fri, Apr 27, 2018 at 3:03 PM, Sen wrote:
> Hi
>
> I have an app deployed in Pivotal Cloudfoundry (PCF) and to route traffic
> to an app in PCF, we have to use application route name (virtual hostname).
>
> We have PCF in two different datacenters and I need to load balance the
> traffic t
On Fri, May 4, 2018 at 5:01 PM, Lukas Tribus wrote:
> Hello Igor, Sen,
>
>
> On 4 May 2018 at 08:46, Igor Cicimov
> wrote:
> > Have you tried:
> >
> > option httpchk GET /env HTTP/1.1\r\nHost:\ %[req.hdr(Host)]
>
> When you are health checking, you don
On Fri, 11 May 2018 8:01 pm Mihir Shirali wrote:
> Thanks Aleksandar for the help!
> I did look up some examples for setting 503 - but all of them (as you've
> indicated) seem based on src ip or src header. I'm guessing this is more
> suitable for a DOS/DDOS attack? In our deployment, the likeli
Hello!
I've tried to create haproxy 1.8.9 RPM package using rpmbuild and got the
folowing error: error: 'all_threads_mask' undeclared (first use in this
function)
Could you please help me to resolve it?
rpmbuild -ba ~/rpmbuild/SPECS/haproxy.spec
warning: bogus date in %changelog: Tue May 09 2007
Hi Dmitriy,
On Thu, Jun 21, 2018 at 12:45 PM, Dmitriy Kuzmin wrote:
> Greetings
>
> I’m using haproxy to load balance readonly queries between redis slaves.
> I want to use health check system to exclude slaves from load balancing,
> that are in a process of sync with master.
> The idea is to lo
ni in essa contenute sono
> da considerarsi strettamente riservate.
>
> This email is confidential, do not use the contents for any purpose
> whatsoever nor disclose them to anyone else. If you are not the intended
> recipient, you should not copy, modify, dis
On Sun, Jun 24, 2018 at 11:28 PM, mlist wrote:
> Hi Igor,
>
> as I see, this is not true.
>
>
>
> I think ssl_fs is just persisted between request and response as this work
> fine without setting vars (as for below example), *but never works for
> cookie header
error, please notify the sender immediately
> and delete the Message from your system, any use of the Message is
> forbidden. Correspondence via e-mail is primarily for information purposes.
> RBI neither makes nor accepts legally binding statements via e-mail unless
> explicitly agreed otherwise. Information pursuant to § 14 Austrian
> Companies Code: Raiffeisen Bank International AG; Registered Office: Am
> Stadtpark 9
> <https://maps.google.com/?q=Am+Stadtpark+9&entry=gmail&source=g>, 1030
> Vienna,Austria; Company Register Number: FN 122119m at the Commercial Court
> of Vienna (Handelsgericht Wien).
>
Regards,
Igor
On Fri, Jul 13, 2018 at 11:08 AM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
> Hi Martin,
>
> On Thu, Jul 12, 2018 at 6:55 PM, Martin RADEL <
> martin.ra...@rbinternational.com> wrote:
>
>> Hi all,
>>
>>
>>
>> we have a str
On Fri, Jul 13, 2018 at 11:26 AM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
> On Fri, Jul 13, 2018 at 11:08 AM, Igor Cicimov <
> ig...@encompasscorporation.com> wrote:
>
>> Hi Martin,
>>
>> On Thu, Jul 12, 2018 at 6:55 PM, Martin RADEL <
On Sat, Jul 21, 2018 at 4:49 PM, jdtommy wrote:
> here is my simple `listen` section of the haproxy config file:
>
> listen graph_front
>bind *:8182
>mode tcp
>server graph_server graph.server.com:8182
>
> this works just fine, but I need the address and port to be a e
On Sat, Jul 21, 2018 at 7:12 PM, Jonathan Matthews
wrote:
> On Sat, 21 Jul 2018 at 09:12, jdtommy wrote:
>
>> I am setting them before I start haproxy in the terminal. I tried both
>> starting it as a service and starting directly, but neither worked. It
>> still would not forward it along.
>>
>
Hi,
On Sat, Aug 4, 2018 at 1:50 AM, K3 wrote:
> Hi,
> We are running into a problem and would like to hear any advice.
>
> Our Setup:
> We use haproxy 1.7.7 with two backends.
> One of the backends is AWS ELB
> The haproxy is running on a linux machine in our data center (on premises)
>
> Proble
Hi Lukas,
On Sat, Aug 4, 2018 at 11:19 PM, Lukas Tribus wrote:
> On Sat, 4 Aug 2018 at 14:21, Igor Cicimov
> wrote:
> >
> > Hi,
> >
> > On Sat, Aug 4, 2018 at 1:50 AM, K3 wrote:
> >>
> >> Hi,
> >> We are running into a problem and wo
Hi Jonathan,
On Tue, Aug 7, 2018 at 9:43 AM, Jonathan Opperman
wrote:
> Hi All,
>
> I am hoping someone can give me some tips and pointers on getting
> something working
> in haproxy that could do the following:
>
> I have installed haproxy and put a web server behind it, the proxy has 2
> inter
On Tue, Aug 7, 2018 at 10:53 AM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
> Hi Jonathan,
>
> On Tue, Aug 7, 2018 at 9:43 AM, Jonathan Opperman
> wrote:
>
>> Hi All,
>>
>> I am hoping someone can give me some tips and pointers on getting
>&g
Hi Jonathan,
I'll keep bottom posting otherwise the thread will become a real mess and
very hard to follow historically.
On Sun, Aug 12, 2018 at 9:19 PM Jonathan Opperman
wrote:
> Hi Igor,
>
> Not 100% sure what you mean here with the redirect to the proxy bind on
> that po
Hi Daniel,
We had similar issue in 2015, and the answer was: server timeout was too
short. Simple.
On Thu, 23 Aug 2018 9:56 pm Daniel Schneller <
daniel.schnel...@centerdevice.com> wrote:
> Friendly bump.
> I'd volunteer to do some documentation amendments once I understand the
> issue better :D
; -
>
>
> --
> Daniel Schneller
> Principal Cloud Engineer
>
> CenterDevice GmbH
> Rheinwerkallee 3
> 53227 Bonn
> www.centerdevice.com
>
> __
> Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina, Michael
> Rosbach, Handelsregister-Nr.: HRB 18655, HR-Gericht: Bonn,
> USt-IdNr.: DE-815299431
>
> Diese E-Mail einschließlich evtl. beigefügter Dateien enthält vertrauliche
> und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige
> Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren
> Sie bitte sofort den Absender und löschen Sie diese E-Mail und evtl.
> beigefügter Dateien umgehend. Das unerlaubte Kopieren, Nutzen oder
> Öffnen evtl. beigefügter Dateien sowie die unbefugte Weitergabe
> dieser E-Mail ist nicht gestattet.
>
>
>
--
Igor Cicimov | DevOps
p. +61 (0) 433 078 728
e. ig...@encompasscorporation.com <http://encompasscorporation.com/>
w*.* www.encompasscorporation.com
a. Level 4, 65 York Street, Sydney 2000
On Wed, 26 Sep 2018 4:34 am Aleksandar Lazic wrote:
> Hi Daniel.
>
> Thank you also to clarify this topic.
>
> I strongly suggest to develop a operator and not only a controller, as
> this is a more future oriented pattern, imho.
>
> https://www.startpage.com/do/search?query=kubernetes+operator
>
The NOSRV can simply mean you have received a request that does not match
your backend selection acls, common to bots probing for wordpress login
page etc.
On Fri, 12 Oct 2018 12:23 am Michał Pasierb
wrote:
> Hello,
>
> I did not mention it but all servers in c_backend have a httpchk
> configure
On Wed, Oct 24, 2018 at 11:35 AM Imam Toufique wrote:
> Not completely there yet, but I at least got the backend server login
> screen to come up with the following:
>
> frontend
> acl host_web3 path_beg /jhub
> use_backend web3_cluster if host_web3
>
> backend
> backend web3_cluster
>mode ht
On Wed, Oct 24, 2018 at 9:16 AM James Brown wrote:
>
> I tested enabling HTTP/2 on the frontend for some of our sites today and
> immediately started getting a flurry of failures. Browsers (at least Chrome)
> showed a lot of SPDY protocol errors and the HAProxy logs had a lot of lines
> ending
On Wed, 24 Oct 2018 5:06 pm Aleksandar Lazic wrote:
> Hi.
>
> Am 24.10.2018 um 03:02 schrieb Igor Cicimov:
> > On Wed, Oct 24, 2018 at 9:16 AM James Brown wrote:
> >>
> >> I tested enabling HTTP/2 on the frontend for some of our sites today
> and immediately
On Thu, 25 Oct 2018 6:13 pm Imam Toufique wrote:
> so I almost got this to work, based on the situation I am in. To
> elaborate just a bit, my setup involves a shibboleth SP that I need to
> authenticate my application. Since I can't set up the HA proxy node with
> shibboleth SP - I had to wrap
On Thu, Oct 25, 2018 at 6:31 PM Igor Cicimov
wrote:
>
>
> On Thu, 25 Oct 2018 6:13 pm Imam Toufique wrote:
>
>> so I almost got this to work, based on the situation I am in. To
>> elaborate just a bit, my setup involves a shibboleth SP that I need to
>> authent
t; authenticate with shibboleth, and then the URL in the browser points to the
> backend node.
>
> For example:
>
> my proxy address: https://proxy.domain.com/jhub
>
> after I connect to the backend, the URL turns into -
> https://crsplabweb1.domain.com/jhub/tree?
>
> ...an
Hi Imam,
On Sat, Oct 27, 2018 at 4:42 PM Imam Toufique wrote:
> Hi Igor,
>
> Thanks very much for offering to help! I will do this in sections,
> hopefully, I can keep this from being too cluttered.
>
Well you need to point crsplabweb2.example.com to the haproxy IP that's the
whole point of it running behind a proxy. Or am I missing something?
On Mon, Oct 29, 2018 at 1:28 PM Imam Toufique wrote:
> Hi Igor,
>
> Thank you so much, I will definitely try your suggestions, but I am
issing something? "
>
> Well, I am not sure what you meant by that comment above.
>
> On Sun, Oct 28, 2018 at 8:07 PM Igor Cicimov <
> ig...@encompasscorporation.com> wrote:
>
>> Well you need to point crsplabweb2.example.com to the haproxy IP that's
>>
Hi Lukas,
On Tue, Oct 30, 2018 at 2:42 AM Lukas Tribus wrote:
>
> Hi,
>
>
> On Sun, 28 Oct 2018 at 23:47, PiBa-NL wrote:
> >
> > Hi List,
> >
> > When i enable H2 'alpn h2,http/1.1' on haproxy bind line with offloading
> > 'mode http'. The overall loading of a web-application i use takes longer
On Tue, Oct 30, 2018 at 10:15 AM Lukas Tribus wrote:
> On Mon, 29 Oct 2018 at 23:55, Igor Cicimov
> wrote:
> > > > However when enabling H2 on the frontend the connection to the
> webserver
> > > > (which itself is also made with SSL encryption) is made for
On Tue, Oct 30, 2018 at 2:45 AM Marcos Gonzalez wrote:
>
> Hi list
>
> I'm using haproxy to redirect traffic directly to backend server. We are
> looking how to load balance sql servers directly, and this works, but I don't
> know how to add ssl support.
>
> I'm using this config setup and works
Hi,
# haproxy -v
HA-Proxy version 1.8.14-1ppa1~xenial 2018/09/23
Copyright 2000-2018 Willy Tarreau
I noticed that in case of multiple domains and OCSP setup:
# ls -1 /etc/haproxy/ssl.d/*.ocsp
/etc/haproxy/ssl.d/star_domain2_com.crt.ocsp
/etc/haproxy/ssl.d/star_domain_com.crt.ocsp
/etc/haproxy/s
On Mon, 12 Nov 2018 4:23 am Louis Chanouha Hello,
>
> If I'm right (I may have missed some exchanges in mailing), h2 main
> improvement in 1.9 will be end2end working. So to have an h2 with Server
> Push, we will need to have h2 enabled backends.
>
> Is a server push initiated by HAProxy based on
On Sun, Nov 11, 2018 at 2:48 PM Igor Cicimov
wrote:
> Hi,
>
> # haproxy -v
> HA-Proxy version 1.8.14-1ppa1~xenial 2018/09/23
> Copyright 2000-2018 Willy Tarreau
>
> I noticed that in case of multiple domains and OCSP setup:
>
> # ls -1 /etc/haproxy/ssl.d/
On Thu, Nov 15, 2018 at 1:36 AM Aleksandar Lazic wrote:
> Hi Vijay.
>
> Am 14.11.2018 um 10:14 schrieb Vijay Bais:
> > Hello Aleksandar,
> >
> > We already considered using haproxy maps but we still have to define N
> backends
> > for corresponding N keys in the map file.
> > I'm looking more at
Hi Moemen,
On Tue, Nov 27, 2018 at 1:24 AM Moemen MHEDHBI wrote:
>
>
> On 11/14/18 1:34 AM, Igor Cicimov wrote:
>
> On Sun, Nov 11, 2018 at 2:48 PM Igor Cicimov
> wrote:
>>
>> Hi,
>>
>> # haproxy -v
>> HA-Proxy version 1.8.14-1ppa1~xenial
Hello everybody,
I have a farm of three squid proxies, pointing one of them
individualy, in a browser for example, I can authenticate (kerberos
authentication via squid_kerb_auth) but when I point the browser to
the vip I cannot authenticate. Does anybody have a clue about how can
I authenticate vi
ter 1s rise 1 fall 1
AND
listen helloworld
bind :80
mode http
option httplog
server srv1 10.0.2.15:9494 check inter 1s rise 1 fall 1 cookie srv1
server srv2 10.0.2.15:9495 check inter 1s rise 1 fall 1 cookie srv2
thanks!
--igor
becomes available again, but
every time a backend is added Synapse restarts haproxy
* there's no connector yet for plugging Synapse into consul; this would
need to be written.
--igor
On Thu, Jun 19, 2014 at 6:02 PM, Justin Franks
wrote:
> Hello,
>
> We are using Consul, written by
ke a tcp dump of the
traffic entering apache. In that way you will find the culprit for sure.
Cheers,
Igor
On Tue, Oct 6, 2015 at 9:22 AM, Daren Sefcik
wrote:
> As I wrote in my previous emails it is not just a WP problem but several
> other sites also that behave weird but some others are ju
to bla bla".
>
>
> server Product1.VM0 cookie c check
>
>
>
> Thank you.
>
> --
>
> Sincerely,
>
> Susheel Jalali
>
> Coscend Communications Solutions
>
> Elite Premio Complex Suite 200, Pune 411045 Maharashtra India
> susheel.jal...@coscend.com
>
> Web site: www.Coscend
On Thu, Oct 8, 2015 at 12:18 AM, Dmitry Sivachenko
wrote:
> Hello,
>
> I am using haproxy-1.5.14 and sometimes I see the following errors in the
> log:
>
> Oct 7 08:33:03 srv1 haproxy[77565]: unix:1 [07/Oct/2015:08:33:02.428]
> MT-front MT_RU_EN-back/ 0/1000/-1/-1/1000 503 212 - - sQ--
> 125/124
On Thu, Oct 8, 2015 at 11:51 AM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
>
>
> On Thu, Oct 8, 2015 at 12:18 AM, Dmitry Sivachenko
> wrote:
>
>> Hello,
>>
>> I am using haproxy-1.5.14 and sometimes I see the following errors in the
>>
On Thu, Oct 8, 2015 at 7:15 PM, Dmitry Sivachenko
wrote:
>
> > On 7 окт. 2015 г., at 16:18, Dmitry Sivachenko
> wrote:
> >
> > Hello,
> >
> > I am using haproxy-1.5.14 and sometimes I see the following errors in
> the log:
> >
> > Oct 7 08:33:03 srv1 haproxy[77565]: unix:1 [07/Oct/2015:08:33:02
On 14/10/2015 9:41 PM, "Baptiste" wrote:
>
> Hey,
>
> I summarized what's new in HAProxy 1.6 with some configuration
> examples in a blog post to help quick adoption of new features:
> http://blog.haproxy.com/2015/10/14/whats-new-in-haproxy-1-6/
>
> Baptiste
>
Awesome, thank you!
Igor
On 30/10/2015 4:48 PM, "Daren Sefcik" wrote:
>
> So I think those links were the right idea and I have been trying
different configurations but am not quite there and am hoping somebody can
offer a bit more guidance.
>
> So when I telnet to the icap server I type in the OPTIONS line followed
by (2
On 30/10/2015 11:18 PM, "Labedan, Alain" wrote:
>
> Hi,
>
>
>
> I have HAPROXY in front of servers backend which are load balanced.
>
>
>
> - For terminated SSL haproxy, I want HAproxy give the good
certificate to the client associated with the good domain .
>
> I’ve not found how to conf
On 31/10/2015 2:03 AM, "Igor Cicimov"
wrote:
>
>
> On 30/10/2015 11:18 PM, "Labedan, Alain" wrote:
> >
> > Hi,
> >
> >
> >
> > I have HAPROXY in front of servers backend which are load balanced.
> >
> >
> >
>
On 31/10/2015 3:14 AM, "Daren Sefcik" wrote:
>
>
>
> On Thu, Oct 29, 2015 at 11:15 PM, Igor Cicimov <
ig...@encompasscorporation.com> wrote:
>>
>>
>> On 30/10/2015 4:48 PM, "Daren Sefcik" wrote:
>> >
>> > So I think those
On 07/11/2015 8:01 AM, "Sébastien ROHAUT"
wrote:
>
> Hi,
>
> We encountered a big problem this afternoon, which crashed for a while
one of our websites, a java (tomcat+lift) application. We are using Haproxy
1.5.
>
> For our backend, we're doing something like this, using tcp-check because
we need
On 12/11/2015 5:30 PM, "Guillaume Bourque" <
guillaume.bour...@logisoftech.com> wrote:
>
> Hello Bryan
>
> I’m running haproxy 1.5.4 and I can’t find any example on how to user
req.uri if you could give a examples on how to match a specific query to
redirect to another
>
> From http://domain/pages/
eg/?lang=$
> # off acl fr_topurlp_reg(lang\=$,?) -m
> found
> # off acl fr_topurlp_reg(lang\=$,?) -m
> found
>
> but with no luck
>
> thanks
>
> ---
> Guillaume Bourque, B.Sc.,
&g
On 13/11/2015 1:04 AM, "jaleel" wrote:
>
> Hello,
>
> I am trying to setup the following for deployment
>
> I have 2 servers.
> server1: eth0:10.200.2.211 (255.255.252.0)
> eth1: 192.168.10.10 (255.255.255.0)
> server2: eth0: 10.200.2.242 (255.255.252.0)
> eth1: 192.168.20.
On Sun, Nov 15, 2015 at 1:21 AM, SL wrote:
> Hi,
>
> We have quite a large number of backends, and are selecting which back end
> to use based on the host specified in the request. (Note these are not
> loadbalanced, we have to target them individually).
>
> Currently we are doing this with ACLs
On 20/11/2015 7:23 AM, "Piotr Kubaj" wrote:
>
> On 11/19/2015 17:01, Janusz Dziemidowicz wrote:
> > 2015-11-19 15:45 GMT+01:00 Piotr Kubaj :
> >> Now, about RSA vs ECDSA. I simply don't trust ECDSA. There are quite a
> >> lot of questions about constants used by ECDSA, which seem to be
> >> chosen
On 02/12/2015 12:41 AM, "Cohen Galit" wrote:
>
> Hello,
>
>
>
> When HAProxy 1.5.9 is trying to sample our servers with this
configuration: tcp-check connect port 50443 ssl
>
>
>
> Our servers returns an error:
>
>
>
> 2015-11-29 09:48:18,155 [StartPoint-IMAP-SSL-Worker(14)]
[e8d05153-267f-4378-9a
On 02/12/2015 10:19 AM, "Lukas Tribus" wrote:
>
> > On 02/12/2015 12:41 AM, "Cohen Galit"
> > mailto:galit.co...@xura.com>> wrote:
> > >
> > > Hello,
> > >
> > >
> > >
> > > When HAProxy 1.5.9 is trying to sample our servers with this
> > configuration: tcp-check connect port 50443 ssl
> > >
> > >
On 03/12/2015 6:54 AM, "Jesus Moran" wrote:
>
> Hello.
>
> Excelent work whit this tool.
>
> Today i was integrating haproxy 1.5 whit SSL and was easy and fast, but i
wave a litte issue.
>
> When i create the .key file i add it a phrase.
>
>
> i cerate the certificate with GoDaddy. And Now Alway w
erlist' block
>
> thx in advance for your time
>
>
Excellent question. One feature I would love to see in haproxy is support
for ldap authentication. It would be awesome If that could be done via lua.
Thanks,
Igor
On Mon, Jan 4, 2016 at 10:57 PM, Mike MacCana
wrote:
> I'm investigating active/passive HAProxy setups and came across the
> following from the official HAProxy blog. At http://blog.haproxy
> .com/2014/01/17/emulating-activepassing-application-clustering-with-
> haproxy/
>
> backend bk_app
>
On Sat, Jan 16, 2016 at 7:36 AM, Alex wrote:
> Hello,
>
> I was testing haproxy version 1.6.3 and I am a bit confused regarding
> draining a server.
>
> According to the documentation:
> set server / state [ ready | drain | maint ]
> [...] Setting the mode to "drain" only removes the server from
201 - 300 of 378 matches
Mail list logo