We are currently running load tests with ssl, the ssl is terminated on our
back-end servers how ever we notice that some do not get any traffic at all.
Seems like the after about 5 min or so some starts to get traffic and then
others stop and you can see that we have stuff thats being queued up on
other servers while some get nothing from this screen shot
http://grab.by/r5Fa
Our config.. which looks like this..
global
#log /dev/log local0 #notice
maxconn 560000
#tune.bufsize 128000
user netcom
group netcom
pidfile /home/netcom/haproxy.pid
daemon
#nbproc 7
#debug
#quiet
defaults
log global
#mode http
mode tcp
### Options ###
#option httplog
#option tcplog
#option logasap
#option dontlog-normal
#option dontlognull
option redispatch
#option httpchk GET /?method=echo HTTP/1.1
option tcp-smart-accept
option tcp-smart-connect
#option http-server-close
#option httpclose
#option forceclose
### load balance strategy ###
#balance leastconn
balance roundrobin
### Other ###
retries 5
maxconn 560000
backlog 100000
### Timeouts ###
#timeout client 25s
timeout client 60s
#timeout connect 5s
timeout connect 60s
#timeout server 25s
timeout server 60s
timeout tunnel 3600s
timeout http-keep-alive 1s
#timeout http-request 15s
timeout http-request 60s
#timeout queue 30s
timeout queue 30s
timeout tarpit 60s
listen stats *:1212
mode http
stats enable
stats show-node
stats show-desc xxxProxy
stats realm xxxProxy\ Statistics
stats auth xxx:xxx
stats refresh 5s
stats uri /
###### HTTPS ######
frontend https-in
bind *:2222
bind *:2323
#acl user_request url_reg method=user.register
acl user_request dst_port 2323
use_backend user_group_https if user_request
default_backend other_group_https
backend user_group_https
stick-table type ip size 200k expire 1m
stick on src
server n2 x.195:2222 maxconn 35000 check port 8097 inter 2000
server n10 x.197:2222 maxconn 35000 check port 8097 inter 2000
server n13 x.199:2222 maxconn 35000 check port 8097 inter 2000
server n15 x.201:2222 maxconn 35000 check port 8097 inter 2000
server n21 x.202:2222 maxconn 35000 check port 8097 inter 2000
server n30 x.173.126:2222 maxconn 35000 check port 8097 inter 2000
backend other_group_https
stick-table type ip size 200k expire 1m
stick on src
server n3 x.196:2222 maxconn 35000 check port 8097 inter 2000
server n11 x.198:2222 maxconn 35000 check port 8097 inter 2000
server n14 x.200:2222 maxconn 35000 check port 8097 inter 2000
server n22 x.203:2222 maxconn 35000 check port 8097 inter 2000
server n16 x.173.122:2222 maxconn 35000 check port 8097 inter 2000
server n31 x.204.245:2222 maxconn 35000 check port 8097 inter 2000
server n32 x.204.246:2222 maxconn 35000 check port 8097 inter 2000
server n9 x.123:2222 maxconn 35000 check port 8097 inter 2000
server n18 x.124:2222 maxconn 35000 check port 8097 inter 2000
server n19 x.125:2222 maxconn 35000 check port 8097 inter 2000
###### HTTP ######
frontend http-in
bind *:1111
#acl user_request url_reg method=user.register
acl user_request dst_port 2323
use_backend user_group_http if user_request
default_backend other_group_http
backend user_group_http
stick-table type ip size 200k expire 1m
stick on src
server n2 x.195:1111 maxconn 35000 check port 8097 inter 2000
server n10 x.197:1111 maxconn 35000 check port 8097 inter 2000
server n13 x.199:1111 maxconn 35000 check port 8097 inter 2000
server n15 x.201:1111 maxconn 35000 check port 8097 inter 2000
server n21 x.202:1111 maxconn 35000 check port 8097 inter 2000
server n30 x.126:1111 maxconn 35000 check port 8097 inter 2000
backend other_group_http
stick-table type ip size 200k expire 1m
stick on src
server n3 x.196:1111 maxconn 35000 check port 8097 inter 2000
server n11 x.198:1111 maxconn 35000 check port 8097 inter
2000
server n14 x.200:1111 maxconn 35000 check port 8097 inter
2000
server n22 x.203:1111 maxconn 35000 check port 8097 inter
2000
server n16 x.173.122:1111 maxconn 35000 check port 8097
inter 2000
server n31 x.245:1111 maxconn 35000 check port 8097 inter
2000
server n32 x.246:1111 maxconn 35000 check port 8097 inter
2000
server n9 x.173.123:1111 maxconn 35000 check port 8097 inter
2000
server n18 x.173.124:1111 maxconn 35000 check port 8097
inter 2000
server n19 x.173.125:1111 maxconn 35000 check port 8097
inter 2000
any pointers as to what might be wrong?
HA-Proxy version 1.5-dev19 2013/06/17
Copyright 2000-2013 Willy Tarreau <[email protected]>
Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -m64 -march=x86-64 -O2 -g -fno-strict-aliasing
OPTIONS = USE_EPOLL=1 USE_OPENSSL=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200
Encrypted password support via crypt(3): yes
Built without zlib support (USE_ZLIB not set)
Compression algorithms supported : identity
Built with OpenSSL version : OpenSSL 1.0.1e 11 Feb 2013
Running on OpenSSL version : OpenSSL 1.0.1e 11 Feb 2013
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built without PCRE support (using libc's regex instead)
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
