Not sure if it is called out in our earlier exchange, but i'm using haproxy
v. 1.4.
We were not tracking sessions intentionally. We were using MS Server NLB,
which my research indicates uses IP to maintain affinity.
Thanks to your help I've made a lot of progress.
Taking your advice, i'm trying to configure the stick table, but am getting
an error that complains about the stick and stick-table keywords in the
listen section.
root@haproxysrv:/etc/haproxy# haproxy -f ./haproxy-staging-dev.cfg -c
[ALERT] 096/220142 (8054) : parsing [./haproxy-staging-dev.cfg:34] : unknown
keyword 'stick' in 'listen' section
[ALERT] 096/220142 (8054) : parsing [./haproxy-staging-dev.cfg:35] : unknown
keyword 'stick-table' in 'listen' section
[ALERT] 096/220142 (8054) : Error(s) found in configuration file :
./haproxy-staging-dev.cfg
[ALERT] 096/220142 (8054) : Fatal errors found in configuration.
This is the listen section it is calling out.
listen web.backend_443
mode tcp
balance roundrobin
option ssl-hello-chk
stick-table type ip size 10240k expire 30m
stick on src
bind 10.1.1.1:443
server web.backend 10.1.1.2:443
I've tried a number of variations of the stick/stick-table syntax, and the
error is consistent for all that i tried. Is there a Global or Default
option or requirement I need to add?
TIA for your insight and assistance!
On Fri, Apr 1, 2011 at 12:00 AM, Willy Tarreau <[email protected]> wrote:
> On Thu, Mar 31, 2011 at 04:32:41PM -0600, Don MacArthur wrote:
> > As a practice, we avoid the use of cookies.
>
> Then what does your application use to recognize a client ?
> Haproxy's cookies are just session cookies, not stored cookies. It
> can even make use of the application's cookie.
>
> > I am load balancing HTTP (80), HTTPS (443) and net.tcp (808).
> > Is there a preferred common practice/keyword configuration for
> > accomplishing this with HAProxy?
>
> When dealing with multiple protocols, either you find a common info
> between them two-by-two for each transition (eg: SSL-ID inside HTTPS,
> cookie for HTTPS->HTTP), or you can only rely on things such as the
> IP address, which is limited on the internet (it works fine inside
> enterprises though).
>
> Look at the "stick on src" and "stick table" documentation to see
> how you can use the IP address. But once again, keep in mind that
> an IP address is very poor and unreliable information on the net.
> All users behind the same proxy will go to the same server ; users
> which browse through multiple proxies or via smartphones will have
> a variable IP address which can cause problems with your application.
>
> Regards,
> Willy
>
>
>
