Hi Baptiste, and thanks for your anwser.
Answers (and more questions maybe) inline too.
Le 01/03/2013 06:52, Baptiste a écrit :
Hi Boris,
My answers inline.
On Fri, Mar 1, 2013 at 5:07 AM, Boris Pigeot <[email protected]> wrote:
So first, my "soon running" configuration http://vpaste.net/j13Tb
I'm using haproxy in front of 3 lighttpd.
I have 3 "listen", we received some DOS, so sometimes we have to nullroute
one of the IP, so we can keep 2/3 of our trafic.
There is only one backend for now, the "backup" is just on another port for
testing.
So *first*, do you see anything really wrong with my config file ?
Yes:
option http-server-close
option forceclose
are mutually incompatible and from the rest of your mail, I can see
"forceclose" takes the precedence.
OK, so I take of this forceclose, I was quite sure one of this two
options was the blocking one.
I just updated my kernel to 3.7.10 to see if there is, or not any
amelioration, I can't feel the difference for know (I'm the only one on this
haproxy).
this is more a question of kernel stability than performance...
ok, for me "fastopen", I just saw the "fast" ;)
Before the SSL handle, I was using a lighttpd in front => localhost: haproxy
=> backend lighttpd.
*Other question* : I have a little bittorrent tracker, running on C++, since
2 days, I'm trying to find on Google some information on "how to get the X
Forward header".
char ip[INET_ADDRSTRLEN];
inet_ntop(AF_INET, &(client_addr.sin_addr), ip, INET_ADDRSTRLEN);
std::string ip_str = ip;
Should be in something arround this, I tried to find some stuff in HAProxy
sources, but I'm not very familiar with this.
what is your problem here?
Your HAProxy setup already inserts a X-Forwarded-For header.
My problem isn't haproxy related, it's more "how to get" this X Forward
in "C++".
For PHP $_SERVER[... ok
For C++ ? No idea at all
*Other Quesiton* : Any idea, maybe it could be a feature request, to add
haproxy "user agent" on check.
You mean on health check?
If so:
option httpchk GET / HTTP/1.0\r\nUser-Agent:\ Mozilla/6.0
don't forget to backslash spaces.
Arf, so simple...
*Keep Alive question* : On my ACL munin (the only page where I can have a
real use of keepalive because of the number of images), I can't find a valid
method to activate keepalive.
remove the option forceclose and it may work.
That's all for now, thanks in advance if you can help me, or just if you
read this entire message.
Boris.
Baptiste
Thanks again for all this precious informations ;)
