Hi Eric,
I think I'm doing what you want but not with a http check
here is how I do this ( it is for Remote desktop but I'm sure the same
trick will work for smtp )
in my haconfig file I define my servers 2 times ( see at the bottom )
The real port 3389 is on the backup server
On the haproxy I redirect traffic destined to port 3300 to 3389, so on
the backend server only port 3389 received connect clients.
When I want to remove 1 server from my pool I just delete my redirect
rule on the haproxy front end. That way existing session will continue
and all new session will go to the other server.
I do the redirect on the haproxy server because I control them but you
could do the redirect trick on the smtp server.
I don't know if this is the way to uses the backup server but it is
working for 2 of my customers since a couples of month.
haproxy.cfg
...
server RDP-1 50.100.30.10 check port 3300
server RDP-1 50.100.30.10 check port 3389 backup
server RDP-2 50.100.30.11 check port 3300
server RDP-2 50.100.30.11 check port 3389 backup
...
Here is the iptables rules that I put on my haproxy server when my 2
server are available:
iptables -t nat -L OUTPUT -n
Chain OUTPUT (policy ACCEPT)
DNAT tcp -- 0.0.0.0/0 50.100.30.10 tcp
dpt:3300 to::3389
DNAT tcp -- 0.0.0.0/0 50.100.30.11 tcp
dpt:3300 to::3389
Feel free to contact me if you want more details
Bye
Guillaume
Eric Schwab a écrit :
We are using haproxy to load balance inbound SMTP traffic across
several servers. At present the load-balancing is done via the
'leastconn' algorithm within haproxy.
We are trying to add some intelligence to give us control over how
inbound SMTP traffic is routed in the event that one or more of those
SMTP servers are in a sub-optimal state, and that state cannot be
determined from a simple connection (or lack thereof) to port 25.
(As a simple example, one of the servers may have a very high queue,
which would not impact its ability to receive new messages via port
25, but we would want to reduce traffic to that particular server.)
Without going into too much more detail, the load-balancing algorithms
within haproxy will not have sufficient information to reroute traffic
the way we would like to.
The ideal scenario for us would be for haproxy to issue an HTTP check
(even though the incoming connections are for an smtp service) to a
destination server in the pool, and upon receiving a 4xx or 5xx level
response, haproxy would pull that server out of the pool, thus not
allowing new SMTP connections -- however not terminating existing
connections.
Is this possible?
--
Guillaume Bourque, B.Sc.,
consultant, infrastructures technologiques
Logisoft Technologies inc.
514 576-7638
http://www.logisoftech.com
