proxy CONNECT + custom headers

2023-12-02 Thread Dave Cottlehuber
hi, Can haproxy support following backend scenario? - use HTTP CONNECT to establish a proxy connection - send custom HTTP header with the CONNECT method - then switch to tunnel mode to allow custom TLS protocol through I've not found anything really useful in RFC7231 whether this is a common

Re: lua workers and peer stick tables

2022-09-07 Thread Dave Cottlehuber
> On Wed, Sep 07, 2022 at 09:04:44PM +0000, Dave Cottlehuber wrote: >> hi, >> >> I'm working towards dumping a list of top N http requesters via a >> lua-driven HTTP response, from a peer synced table. >> >> The first stage is to dump without peers.

lua workers and peer stick tables

2022-09-07 Thread Dave Cottlehuber
hi, I'm working towards dumping a list of top N http requesters via a lua-driven HTTP response, from a peer synced table. The first stage is to dump without peers. I have found the stick table object, but can't call any of the info, dump, or lookup methods on it. Using this example[0] from the

spoe - capturing & mirroring traffic

2022-08-11 Thread Dave Cottlehuber
I'd like to capture & mirror HTTP traffic for a few days, to capture some truly representative load generating traffic. https://www.haproxy.com/blog/haproxy-traffic-mirroring-for-real-world-testing/ There seem to be a few general options: - use spoe & spoa-mirror - some bpf/tcpdump powered

Re: testing and validating complex haproxy.conf rules

2020-03-31 Thread Dave Cottlehuber
On Tue, 31 Mar 2020, at 07:53, Aleksandar Lazic wrote: > Hi Dave. > > On 31.03.20 09:24, Dave Cottlehuber wrote: > > hi all, > > > > Our main haproxy.conf has practically become sentient... it's reached the > > point where the number of url redirects and simi

testing and validating complex haproxy.conf rules

2020-03-31 Thread Dave Cottlehuber
hi all, Our main haproxy.conf has practically become sentient... it's reached the point where the number of url redirects and similar incantations is very hard to reason about, and certainly not test or validate, until it's shipped. In fact I deploy to a "B" cluster node, and verify most changes

Re: 1.9b6 301 redirect anomaly

2018-11-15 Thread Dave Cottlehuber
On Thu, 15 Nov 2018, at 14:49, Christopher Faulet wrote: > Le 15/11/2018 à 11:14, Dave Cottlehuber a écrit : > > bonjour list, > > > > In comparison to 1.8 (and probably 1.9b5 but I can't verify that at > > present) the 301 redirect seems to be handled differentl

1.9b6 301 redirect anomaly

2018-11-15 Thread Dave Cottlehuber
bonjour list, In comparison to 1.8 (and probably 1.9b5 but I can't verify that at present) the 301 redirect seems to be handled differently. Initially I thought this was an HTTP2 issue but it's reproducible on HTTP/1.1 as well. curl --http1.1 -4vsSLo /dev/null https://logs.example.com/ >

Re: H2O - an optimized HTTP server

2018-09-28 Thread Dave Cottlehuber
On Sat, 29 Sep 2018, at 00:31, Aleksandar Lazic wrote: > Hi. > > Has anyone used this server in production setup behind haproxy? > > https://h2o.examp1e.net/ Yes, for the last 2 years at least, but from a pure speed and http2 perspective you’re best off running them beside each other. It’s solid

Re: HA Proxy Source IP Issue

2018-09-17 Thread Dave Cottlehuber
On Mon, 17 Sep 2018, at 13:04, Damen Barker wrote: > Hi There > > We are running 1.6, the issue we are facing is that my backend servers > are seeing the incoming IP address of the HAProxy server and not the > client IP address and our application needs to see this. Please see > below our

HTTP/2 frames with websocket permessage-deflate option

2018-04-11 Thread Dave Cottlehuber
I've been taking HTTP/2 for a spin, using a phoenix[1] app with websockets. The basic "does it connect" works very well already (thank-you!) but I'm not sure if it's possible to enable per-frame compression within websockets or not -- or even intended? My use case is to reduce the size of JSON

skip logging some query parameters during GET request

2018-03-13 Thread Dave Cottlehuber
Hi, I'm using haproxy to handle TLS termination to a 3rd party API that requires authentication (username/password) to be passed as query parameters to a GET call. I want to log the request as usual, just not all the query parameters. Obviously for a POST the parameters would not be logged at

TLS termination with 2 certs on same IP

2018-03-01 Thread Dave Cottlehuber
I have 2 TLS cert bundles that I'd like to serve off haproxy, using a single IP. Both certs have multiple SANs in them. - our main production site: api,beta,www.example.com using EV cert - a lets-encrypt cert bundle for old DNS names that we only need to redirect https: back to the main site

Re: HaProxy Hang

2017-06-07 Thread Dave Cottlehuber
On Wed, 7 Jun 2017, at 10:42, David King wrote: > Just to close the loop on this, last night was the time at which we were > expecting the next hang. All of the servers we updated haproxy to the > patched versions did not hang. The test servers which were running the > older version hung as

Re: HaProxy Hang

2017-04-04 Thread Dave Cottlehuber
On Wed, 5 Apr 2017, at 01:34, Lukas Tribus wrote: > Hello, > > > Am 05.04.2017 um 00:27 schrieb David King: > > Hi Dave > > > > Thanks for the info, so interestingly we had the crash at exactly the > > same time, so we are 3 for 3 on that > > > > The setups sound very similar, but given we all

Re: HaProxy Hang

2017-04-03 Thread Dave Cottlehuber
On Mon, 13 Mar 2017, at 13:31, David King wrote: > Hi All > > Apologies for the delay in response, I've been out of the country for the > last week > > Mark, my gut feeling is that it is network related in some way, so thought we > could compare the networking setup of our systems > > You mentioned

Re: Force connection close after a haproxy reload

2017-03-15 Thread Dave Cottlehuber
On Wed, 15 Mar 2017, at 12:02, Willy Tarreau wrote: > Hi Cyril! > > On Wed, Mar 15, 2017 at 11:48:01AM +0100, Cyril Bonté wrote: > > As a reminder (to me), I sent a patch in december (just before the 1.7.0 > > release), which immediately closes the HTTP keep-alived connections. > > Currently,

Re: HAProxy stops handling or accepting connections

2017-02-28 Thread Dave Cottlehuber
On Tue, 28 Feb 2017, at 06:24, Mark S wrote: > Hi Folks, > > This is a strange one and I haven't yet been able to duplicate. But I > wanted to report the description of what did happen in case it was either > a known issue or one that would seem likely based on the code. > > The servers in

Re: [PATCHES] Add support for LibreSSL 2.5.1

2017-02-10 Thread Dave Cottlehuber
On Fri, 10 Feb 2017, at 16:21, Piotr Kubaj wrote: > Please try the corrected patches. Before Haproxy was kind of unstable. > Now it seems to work fine. I also changed tests for defined > LIBRESSL_VERSION_NUMBER to testing LibreSSL version to keep the older > versions working. > > On 17-02-10

Re: Start From Zero concept

2017-02-03 Thread Dave Cottlehuber
the moment for the project but I am > trying to implement it and all suggestions are welcome. > > > regards, > Thilina Manamgoda — Dave Cottlehuber +43 67 67 22 44 78 Managing Director Skunkwerks, GmbH http://skunkwerks.at/ ATU70126204 Firmenbuch 410811i

Re: 1.7-dev6 build failure on FreeBSD 11.0 amd64 & libressl

2016-11-23 Thread Dave Cottlehuber
> > Am 16.11.2016 um 15:39 schrieb Willy Tarreau: > > > > > > Same here. What is annoying is that every time it appears, it's protected > > > by a #if OPENSSL_VERSION_NUMBER >= 1.1.0 so that means that LibreSSL is > > > spoofing OpenSSL version numbers without providing compatibility. If so, > >

Re: Getting JSON encoded data from the stats socket.

2016-11-10 Thread Dave Cottlehuber
On Thu, 10 Nov 2016, at 13:53, Malcolm Turnbull wrote: > Georg, > > That's a timely reminder thanks: > I just had another chat with Simon Horman who has kindly offered to > take a look at this again. Sounds great! I'm very interested in logging this continually via chrooted unix socket, into