Carlo Granisso wrote: > Hello everybody, I have a problem with haproxy (1.3.17) and kernel 2.6.29 > > I have successfully recompiled my kernel with TPROXY modules and installed > haproxy (compiled from source with tproxy option enabled) and installed > iptables 1.4.3 (that have tproxy patch). > Now I can't use transparent proxy function: if I leave in haproxy.cfg this > line "source 0.0.0.0 usesrc clientip" haproxy say "503 - Service > unavailable". > If I comment out the line, everything work fine (without transparent proxy). > > My situation: > > haproxy with two ethernet device: first one for public IP, sceond one for > private IP (192.168.XX.XX) > two web server with one ethernet for each one connected to my private > network. > > > > Have you got ideas or you can provide me examples Hi, I've just set up a transparent proxy with kernel 2.6.28 (the first one with official tproxy support) and haproxy 1.3.15 (the version Debian comes with, but rebuilding the package with the tproxy linux option enabled).
Just make sure your backends route their outgoing traffic through the load balancer, since the response packets with the "fake" address MUST be seen by the load blancer box to undo the transparent-proxy magic. Regards, L. Alberto Giménez
