hmm. it says:
: 'stick' ignored because frontend 'nocache' has no backend capability.
it seems it has to be on the backend..
When set on the backend, I get an entry in the list:
# table: kk.dk-ds-backend, type: ip, size:1024, used:1
0x14b25c8: key=10.27.174.10 use=0 exp=296637 server_id=0 gpc0=0
(with stick table of type ip)
and with stable table type string:
# table: kk.dk-ds-backend, type: string, size:1024, used:1
0x1d84d18: key=10.27.174.10 use=0 exp=267770 server_id=1 gpc0=0
the key (10.27.174.10) is the ip of the haproxy server.. :(
And no matter - it denied EVERY request to the server when I set the
block.. :(
So when I have 3 backends - behind the same frontend, I have
Jarno Huuskonen wrote on 03/24/2015 02:23 PM:
Hi,
On Tue, Mar 24, Klavs Klavsen wrote:
#create a stick-table of 30 IPs for storing active IPs, 5 minute timeout
stick-table type ip size 30 expire 5m store gpc0
#populate the table with the X-Forwarded-For header
stick store-request hdr(X-Forwarded-For)
You've created type ip stick table, but I think hdr(X-Forwarded-For)
returns a string. Do you see any entries in the stick table:
show table nocache -> to stats socket
Maybe it's possible to use one of the converters
to map str -> ip
(http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#7.3.1-map)
or try with a string stick table:
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-stick-table
-Jarno
--
Regards,
Klavs Klavsen, GSEC - [email protected] - http://www.vsen.dk - Tlf. 61281200
"Those who do not understand Unix are condemned to reinvent it, poorly."
--Henry Spencer
