Has anyone had any luck in setting HAPROXY up as a front end for terminal
services clusters? My connections keep dropping, but have become a bit more
reliable since my last email on the topic with the following conf file:
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
#chroot /usr/share/haproxy
user haproxy
group haproxy
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
# Time to wait for the opening connection to a server to succeed.
5000ms=5sec
contimeout 10000
# Time to wait for a client to respond to packets. Set below to
50000ms=50sec
timeout client 50000
# Time to wait for a server to respond to packets. Set below to
50000ms=50sec
timeout server 50000
option srvtcpka
listen rdp 0.0.0.0:3389
mode tcp
# All three tcpka options: TCP protocol, Keep alive. All of them are
suggested for sessions with long amounts of idle time such as remote
desktops.
# option tcpka
option clitcpka
option srvtcpka
option redispatch
option tcplog
#Balance specifies load balance method. Search
"http://haproxy.1wt.eu/download/1.3/doc/configuration.txt"; for "balance
roundrobin" to see all the available modes and what they do.
balance roundrobin
#
# NOTES ABOUT STATEMENTS AND PARAMETERS BELOW IN MATCHING ORDER.
#
# "server" is a haproxy internal statement
# `server name` can be listed as anything.. i put the real name for clarity
# "IP:port#" if you don't know this you need to wipe the drule off your
chin.
# "check" see if the server is up
# "port #" what port to check. I'm not sure this is needed since the port
is already specified with the IP. Can't hurt
# "inter" interval to run the check in ms. 1000ms = 1sec
# "fastinter #". By default a server is checked 3 times then determined to
fail. This specifies if it fails the first check, the next will happen at
the interval specified. 500ms=0.5 sec.
# "downinter #". Oposite of fastinter, this specifies how long the waits
should be between checks when a server has been determined to be down. To
reduce network traffic I have set this to 10000ms, which is 10seconds.
# server nt1s77 10.58.240.248:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# server nt1s21z 10.12.20.172:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# server dcwh03 10.12.20.150:3389 check port 3389 inter 2000 fastinter
500 downinter 10000
# server nt1s23vm 10.12.20.116:3389 check port 3389 inter 2000 fastinter
500 downinter 10000
# server dceoc01 10.2.128.250:3389 check port 3389 inter 2000 fastinter
500 downinter 10000
server tswh01 10.14.3.111:3389 check port 3389 inter 2000 fastinter 500
downinter 10000
server tswh02 10.14.3.102:3389 check port 3389 inter 2000 fastinter
500 downinter 10000
server tswh03 10.14.3.113:3389 check port 3389 inter 2000 fastinter
500 downinter 10000
server tswh04 10.14.3.104:3389 check port 3389 inter 2000 fastinter
500 downinter 10000
server tslec01 10.14.3.131:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tslec02 10.14.3.122:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tslec03 10.14.3.133:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tslec04 10.14.3.134:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# Web stats interface
listen admin_stats 10.14.2.157:8080
mode http
stats uri /
stats realm Global\ statistics
stats auth admin:fakepassword
balance roundrobin
#errorloc 502 http://192.168.114.58/error502.html
#errorfile 503 /etc/haproxy/errors/503.http
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
Paul K. Dickson
Systems Administrator
Frederick County Government, IIT
pdick...@fredco-md.net
301-600-2399/x12399
------ End of Forwarded Message
