Has anyone had any luck in setting HAPROXY up as a front end for terminal services clusters? My connections keep dropping, but have become a bit more reliable since my last email on the topic with the following conf file:
# this config needs haproxy-1.1.28 or haproxy-1.2.1 global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 #chroot /usr/share/haproxy user haproxy group haproxy daemon #debug #quiet defaults log global mode http option httplog option dontlognull retries 3 option redispatch maxconn 2000 # Time to wait for the opening connection to a server to succeed. 5000ms=5sec contimeout 10000 # Time to wait for a client to respond to packets. Set below to 50000ms=50sec timeout client 50000 # Time to wait for a server to respond to packets. Set below to 50000ms=50sec timeout server 50000 option srvtcpka listen rdp 0.0.0.0:3389 mode tcp # All three tcpka options: TCP protocol, Keep alive. All of them are suggested for sessions with long amounts of idle time such as remote desktops. # option tcpka option clitcpka option srvtcpka option redispatch option tcplog #Balance specifies load balance method. Search "http://haproxy.1wt.eu/download/1.3/doc/configuration.txt" for "balance roundrobin" to see all the available modes and what they do. balance roundrobin # # NOTES ABOUT STATEMENTS AND PARAMETERS BELOW IN MATCHING ORDER. # # "server" is a haproxy internal statement # `server name` can be listed as anything.. i put the real name for clarity # "IP:port#" if you don't know this you need to wipe the drule off your chin. # "check" see if the server is up # "port #" what port to check. I'm not sure this is needed since the port is already specified with the IP. Can't hurt # "inter" interval to run the check in ms. 1000ms = 1sec # "fastinter #". By default a server is checked 3 times then determined to fail. This specifies if it fails the first check, the next will happen at the interval specified. 500ms=0.5 sec. # "downinter #". Oposite of fastinter, this specifies how long the waits should be between checks when a server has been determined to be down. To reduce network traffic I have set this to 10000ms, which is 10seconds. # server nt1s77 10.58.240.248:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 # server nt1s21z 10.12.20.172:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 # server dcwh03 10.12.20.150:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 # server nt1s23vm 10.12.20.116:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 # server dceoc01 10.2.128.250:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tswh01 10.14.3.111:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tswh02 10.14.3.102:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tswh03 10.14.3.113:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tswh04 10.14.3.104:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tslec01 10.14.3.131:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tslec02 10.14.3.122:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tslec03 10.14.3.133:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 server tslec04 10.14.3.134:3389 check port 3389 inter 2000 fastinter 500 downinter 10000 # Web stats interface listen admin_stats 10.14.2.157:8080 mode http stats uri / stats realm Global\ statistics stats auth admin:fakepassword balance roundrobin #errorloc 502 http://192.168.114.58/error502.html #errorfile 503 /etc/haproxy/errors/503.http errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http Paul K. Dickson Systems Administrator Frederick County Government, IIT pdick...@fredco-md.net 301-600-2399/x12399 ------ End of Forwarded Message