Hi michael, Without the send-proxy, the client IP in the export would have to be the haproxy server in that case right?
The issue there is then, that I end up with all clients having access to haproxy can suddenly mount all shares in nfs, which I would like to prevent There’s still different shares that different servers need access to I’ll try not the sample config from the link above! Thanks! Get Outlook for iOS<https://aka.ms/o0ukef> ________________________________ From: Michael Ezzell <mich...@ezzell.net> Sent: Thursday, August 2, 2018 2:38:06 AM To: Lucas Rolff Cc: HAproxy Mailing Lists Subject: Re: Using haproxy together with NFS On Wed, Aug 1, 2018, 16:00 Lucas Rolff <lu...@lucasrolff.com<mailto:lu...@lucasrolff.com>> wrote: I use the “send-proxy” to let the NFS Server see the actual source IP, instead of the haproxy machine IP. You'll probably need remove that. Unless the destination service explicitly supports the Proxy Protocol (in which case, it must not, by definition, process connections where the protocol's preamble is *absent* from the stream), then this would just look like corrupt data. This option doesn't actually change the source address. HAProxy in TCP mode should work fine with NFS -- at least, it does with NFS4.1 as implemented in Amazon Elastic File System -- which is the only version I've tested against. https://serverfault.com/a/799213/153161
