> haproxy is a tcp (layer 3/4) proxy, that can perform application (layer
> 7) functions. i am already doing service checks against my proxies to
> validate their availability. when no pool member is available, haproxy
> knows it. there are no external helpers needed to make this
> determination. the layer 7 capabilities make this possible.
>
> the injection of a RST is part-and-parcel to the tcp proxy
> functionality. i can understand if the functionality in not in haproxy,
> but it is not outside the realm of capability for a t.
The 3 way TCP handshake happens before the application (haproxy) is even
aware of the session, therefor this is only possible if the kernel handles
it (iptables), which is why I said its only possible with external helpers.
Or is what you are requesting to send a RST in the middle of an already
established TCP session?
Please CC the mailing list.
Lukas
