Hi Rainer, On Fri, Sep 17, 2021 at 11:22:02AM +0200, [email protected] wrote: > Hi, > > I run two FreeBSD 12.2 servers with haproxy 2.0.22 in a CARP setup. > > The frontend-interfaces have multiple IPs and I need to have this statement > in at least one backend service: > > source 192.168.185.29 > > This is because the target-service has some whitelisting for this specific > address. > > This has worked well over several years, however recently (maybe with the > upgrade to the 12-series - I can't be sure), it seems that haproxy on the > CARP BACKUP cannot use this configuration anymore - which, upon closer look, > is not totally unreasonable and technically correct. > > I assume, previously it would just ignore the statement and use the > interface IP. > > I've now commented it out on the slave, but it's a bit silly to have to > remember to "fix" the slave manually on switch-over. > > Is there a way to get haproxy to just ignore the source-statement if it > can't use that address for sending (which it obviously can't, when it's not > MASTER)?
There's no such thing available but it would be a very bad idea because it means it would use different paths to check servers depending on the LB's state (master or backup). If you're willing to have this statement ignored when it fails, it means your servers are reachable from the default address, so you should simply remove this "source" statement all the time. And indeed it would be silly to have to adjust the config during a switch-over! Willy
