Hi.
Am 30-12-2015 15:57, schrieb Hall, Colton:
Hello, was wondering if you could answer a couple of questions
pertaining to HAPROXY. We are interested in evaluating the product but
not sure it will accomplish our goals. The main concerns are listed
below.
1. Can we set persistency before the session is created or
pre-determine persistency?
Please can you specify 'session'?
Do you plan to use mode TCP or HTTP?
From http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#3.5
####
It is possible to propagate entries of any data-types in stick-tables
between
several haproxy instances over TCP connections in a multi-master
fashion.
...
####
2. What is the duration of the persistent connections?
As documented in
http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#4-stick-table
you can define it as long as you want, more or less ;-).
####
<expire> defines the maximum duration of an entry in the table since
it
was last created, refreshed or matched. The expiration delay
is
defined using the standard time format, similarly as the
various
timeouts. The maximum duration is slightly above 24 days.
See
section 2.2 for more information. If this delay is not
specified,
the session won't automatically expire, but older entries
will
be removed once full. Be sure not to use the "nopurge"
parameter
if not expiration delay is specified.
####
We have a requirement in that we need to predetermine session
persistency based on source IP addresses, ie user A connects to server
C
only via proxy H and user B connects to server D only via proxy H.
The question is what should happen wehn user A hits server C not over
proxy H?
What should happen wehn user B hits server D not over proxy H?
A redirect over HTTP?
A connection refuse over TCP?
... ?
You can create something like in the example shown at the documentation.
http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#4-stick%20store-request
Please let us know if HAPROXY is able to accomplish this requirement.
Maybe ;-)
Please take a look into the suggested documentation links and please let
us know the answers to the questions above.
Best Regards
Aleks
Colton Hall
Senior Network Architect
AAMVA
703.908.2803 office
703.459.7323 mobile
ch...@aamva.org
Safe Drivers ▪ Safe Vehicles ▪ Secure Identities ▪ Saving Lives
_THIS EMAIL MESSAGE MAY CONTAIN PRIVILEGED OR CONFIDENTIAL
INFORMATION,
AND IS FOR THE USE OF INTENDED RECIPIENTS ONLY. DO NOT SHARE WITH OR
FORWARD TO ADDITIONAL PARTIES EXCEPT AS NECESSARY TO CONDUCT THE
BUSINESS FOR WHICH THIS EMAIL (AND ATTACHMENTS) WAS CLEARLY INTENDED.
IF
YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE IMMEDIATELY ADVISE THE
SENDER BY REPLY EMAIL AND THEN DELETE THIS MESSAGE._
