Wow, thanks for that response. That makes total sense since I knew it couldn't be coincidence that the active connections kept running at 2000 in the log file. I actually read the entire manual trying to make sure I had at least a passing knowledge of all the parameters but I read it through before really understanding that haproxy runs as a single process so that critical bit didn't jump out at me (maxconn under the global section).
One question though, in your blog posting here referencing Exchange 2013 proxying ( http://blog.haproxy.com/2012/12/17/microsoft-exchange-2013-load-balancing-with-haproxy/) you have a maxconn on the backend of 10000 but no matching global maxconnn setting, would you not also be limited to 2000 instances in this case? You have the backlog set but with so many clients using outlook/android/iphone and the msprpc "prtocol" that hang on to 2 connections apiece wouldn't that make it impossible to ever get close to 10000 connections? Also, I assume this also means that http-no-delay is unnecessary to set and it would be better to just set more appropriate timeouts? And again, thanks for the response. I should have asked weeks ago, but I always like to make sure I have done my own research before bothering anyone else. I imagine this is something you have pointed out many times to many people just starting with haproxy. Thanks, Tod ----- Original Message ----- From: Baptiste <[email protected]> To: Tod Schmidt <[email protected]> Cc: Lukas Tribus <[email protected]>; "[email protected]" <[email protected]> Sent: Tuesday, February 10, 2015 4:58 PM Subject: Re: SSL Performance Issues with Exchange 2010 tod, You're missing a global section and a maxconn into this section. By default, HAProxy allows only 2000 connection on the process and you're running our of free connections. Please add this in your production server and report us how it works: global maxconn 20000 Baptiste
