Hello Dmitry, On Mon, Aug 03, 2009 at 02:24:47PM +0400, Dmitry Sivachenko wrote: > Hello! > > I am trying to setup haproxy 1.3.19 to use it as > TCP load balancer. > > Relevant portion of config looks like: > > listen test 0.0.0.0:17000 > mode tcp > balance roundrobin > server srv1 srv1:17100 check inter 20000 > server srv2 srv2:17100 check inter 20000 > server srv3 srv3:17100 check inter 20000 > > Now imagine the situation that all 3 backends are down > (no program listen on 17100 port, OS responds with Connection Refused). > > In that situation haproxy still listens port 17100 and closes connection > immediately: > > telnet localhost 17101 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > Connection closed by foreign host. > > Is it possible to configure haproxy so it will stop listening the port > when all backends are down? So clients will receive > Connection Refused as if none listens TCP port at all?
No it's not, and it's not only a configuration issue, it's an OS limitation. The only way to achieve this is to stop listening to the port then listen again to re-enable the port. On some OSes, it is possible. On other ones, you have to rebind (and sometimes close then recreate a new socket). But once your process has dropped privileges, you can't always rebind if the port is <1024 for instance. So instead of having various behaviours for various OSes, it's better to make them behave similarly. I have already thought about adding an OS-specific option to do that, but I have another problem with that. Imagine that your servers are down. You stop listening to the port. At the same time, someone else starts listening (eg: you start a new haproxy without checking the first one, or an FTP transfer uses this port, ...). What should be done when the servers are up again ? Haproxy will not be able to get its port back because someone else owns it. So, by lack of a clean and robust solution, I prefer not to experiment in this area. Regards, Willy
