Resending, as i didn't see a reply sofar, think it got lost between the other conversations. Would be nice if someone could tell what the problem might be, my config or something in haproxy. Thanks.

Hi haproxy-list,

I have some strange results trying to use unix sockets to connect
backends to frontends.
I'm using 1.5.3 on FreeBSD 8.3. (pfSense)

With the config below the result i get is that srv1,2,3 and 5 are
serving requests correctly (i can put all others to maintenance mode and
the stats keep working).

And srv4 is down because of lastchk: "L6TOUT". It seems to me this
behavior is inconsistent?

If anyone could confirm if this is indeed a problem in haproxy or tell
if there is a reason for this, please let me know.

The config below is just what i narrowed it down to to have an easy to
reproduce issue to find why i was having trouble forwarding a tcp
backend to a ssl offloading frontend..
What i wanted to have is a TCP frontend using SNI to forward connections
to the proper backends. And have a defaultbackend that does
SSLoffloading, and then uses host header to send the requests to the
proper backend. The purpose would be to minimize the load on haproxy
itself, while maximizing supported clients (XP and older mobile devices).

Thanks in advance.
PiBa-NL

global
    daemon
    gid            80
    ssl-server-verify none
    tune.ssl.default-dh-param 1024
    chroot            /tmp/haproxy_chroot

defaults
    timeout connect        30000
    timeout server        30000

frontend 3in1
    bind            0.0.0.0:800
    mode            tcp
    timeout client        30000
    default_backend        local84_tcp

backend local84_tcp
    mode            tcp
    retries            3
    option            httpchk GET /
    server            srv1 127.0.0.1:1000    send-proxy check inter 1000
    server            srv2 /stats1000.socket send-proxy check inter 1000
    server            srv3 127.0.0.1:1001    send-proxy ssl check inter
1000 check-ssl
    server            srv4 /stats1001.socket send-proxy ssl check inter
1000 check-ssl
    server            srv5 /stats1001.socket send-proxy ssl

frontend stats23
    bind 0.0.0.0:1000                         accept-proxy
    bind /tmp/haproxy_chroot/stats1000.socket accept-proxy
    bind 0.0.0.0:1001                         accept-proxy ssl  crt
/var/etc/haproxy/stats23.85.pem
    bind /tmp/haproxy_chroot/stats1001.socket accept-proxy ssl  crt
/var/etc/haproxy/stats23.85.pem
    mode            http
    timeout client        30000
    default_backend        stats_http

backend stats_http
    mode            http
    retries            3
    stats            enable
    stats            uri /
    stats            admin if TRUE
    stats            refresh 1






Reply via email to