On 7 April 2011 10:12, Willy Tarreau <[email protected]> wrote:
> Hi John,
>
> On Wed, Apr 06, 2011 at 05:27:09PM +0100, John Helliwell wrote:
> > Hi,
> >
> > Another one for Solaris!
>
> Thanks for the report, this one is not solaris-specific, as
> we could reproduce it here on Linux too. While checking for it,
> we found another one. Both were introduced in 1.5-dev5. You can
> get them here :
>
>
> http://git.1wt.eu/web?p=haproxy.git;a=commitdiff_plain;h=442452034e1a3bed25201af033847a59b60748e9
>
> http://git.1wt.eu/web?p=haproxy.git;a=commitdiff_plain;h=c9f6011760b2e829421c4b57f9b04169734a2cb4
>
> Cheers,
> Willy
>
>
Hi Willy,
That's fantastic - I have applied the patches, and can confirm that
stick-tables now work as I imagined they would. (I have deliberately
obscured the full IP address of my poor victim below :-) )
> show table dynamic-content data.conn_rate gt 2
# table: dynamic-content, type: ip, size:1048576, used:102
661e74: key=86.10.xx.xx use=0 exp=13394 conn_rate(30000)=3
I think the next step is to place this in use on one of the four the live
site haproxies, run a day's traffic though it (about 12GB per haproxy box),
and monitor the stability and latencies throughout the day. Last night the
site peaked at 20Mbits/sec and haproxy didn't even break into a sweat -
thoroughly impressive.
We had problems though when one of our users left a book on his keyboard,
which sent 2500 browser refreshes per minute to a dynamic content PHP driven
site, which is why we want to introduce per-user flood protection...
Tomorrow, I might even put the use_backend flood-protection if {
sc1_get_gpc0 gt 0 } clause live!
Thanks again Willy!
Best Regards
John.
--
John Helliwell
