Hi, Yes. I have tried that and it works as expected.
The original information in my last mail as below: >> Then I put source configuration 'source 0.0.0.0 usesrc clientip' in >> backend section, the source function can work well. Best Regards, Godbach
Hi, Have you tried moving the "source" statement directly in the backend? (just to confirm it works as expected). Baptiste On Tue, Apr 23, 2013 at 6:27 AM, Godbach <nylzhao...@gmail.com> wrote:Hi, all I have tested 'source' config in haproxy-1.5-dev18, but it didn't work with the following line in default section: source 0.0.0.0 usesrc clientip Other related settings by iptables and ip rule have been set correctly. There are some codes in cfg_parse_listen() (Line 1812-1815 in lastest commit) to do source function init for a new backend proxy as below if (defproxy.conn_src.iface_name) curproxy->conn_src.iface_name = strdup(defproxy.conn_src.iface_name); curproxy->conn_src.iface_len = defproxy.conn_src.iface_len; curproxy->conn_src.opts = defproxy.conn_src.opts & ~CO_SRC_TPROXY_MASK; The last line of codes will set the value of opts represents such as 'client', 'clientip' and so on in defproxy to current backend proxy. But I was confused that why clear the low three bits. CO_SRC_TPROXY_MASK is defined in include/types/connection.h as below: /* source address settings for outgoing connections */ enum { /* Tproxy exclusive values from 0 to 7 */ CO_SRC_TPROXY_ADDR = 0x0001, /* bind to this non-local address when connecting */ CO_SRC_TPROXY_CIP = 0x0002, /* bind to the client's IP address when connecting */ CO_SRC_TPROXY_CLI = 0x0003, /* bind to the client's IP+port when connecting */ CO_SRC_TPROXY_DYN = 0x0004, /* bind to a dynamically computed non-local address */ CO_SRC_TPROXY_MASK = 0x0007, /* bind to a non-local address when connecting */ CO_SRC_BIND = 0x0008, /* bind to a specific source address when connecting */ }; The low three bits store the configuration of usesrc, they should be copied to the backend proxy without modified. But they were clear in backend proxy actually. Then I put source configuration 'source 0.0.0.0 usesrc clientip' in backend section, the source function can work well. So in my opinion, the code curproxy->conn_src.opts = defproxy.conn_src.opts & ~CO_SRC_TPROXY_MASK; shoulde be modifed as below: curproxy->conn_src.opts = defproxy.conn_src.opts; Best Regards, Godbach
