Hi all,
I've several socks5 servers running locally on the following ports:
127.0.0.1:1081
127.0.0.1:1082
127.0.0.1:1083
127.0.0.1:1084
All of them can be anonymous accessed locally, I want to balance the
using of them for offering one robust socks5 proxy on 127.0.0.1:8889.
So, I using the following config:
--------------
global
maxconn 4096
daemon
nbproc 3
defaults
mode tcp
retries 3
option redispatch
timeout connect 3000
timeout server 5000
timeout client 5000
listen socks5-balance
bind 0.0.0.0:8889
balance roundrobin
server socks5-1 127.0.0.1:1081 check
server socks5-2 127.0.0.1:1082 check
server socks5-3 127.0.0.1:1083 check
server socks5-4 127.0.0.1:1084 check
---------------
The above configuration can work smoothly, but I want to do further
health checking based on the the following google's website:
http://client3.google.com/generate_204
I know that the tcp-check option for the server line in the haproxy
can do this job for me.
Basically, I want to let the haproxy simulate the following actions
for health-checking on these socks servers:
curl --socks5 127.0.0.1:1081 http://client3.google.com/generate_204
curl --socks5 127.0.0.1:1082 http://client3.google.com/generate_204
curl --socks5 127.0.0.1:1083 http://client3.google.com/generate_204
curl --socks5 127.0.0.1:1084 http://client3.google.com/generate_204
Based on the instructions given here:
https://blog.yuanbin.me/posts/2018-06/2018-06-30_21-26-14/
I changed my config into the following
-------------
global
maxconn 4096
daemon
nbproc 3
defaults
mode tcp
retries 3
option redispatch
timeout connect 3000
timeout server 5000
timeout client 5000
listen socks5-balance
bind 0.0.0.0:8889
balance roundrobin
option tcp-check
tcp-check connect
tcp-check send-binary 05020001
tcp-check expect binary 0500
tcp-check send-binary 0501000312636c69656e74332e676f6f676c652e636f6d0050
tcp-check expect binary 050000010000000006b5
tcp-check send GET\ /generate_204\ HTTP/1.1\r\n
tcp-check send Host:\ client3.google.com\r\n
tcp-check send User-Agent:\ curl/7.54.0\r\n
tcp-check send Accept:\ */*\r\n
tcp-check send \r\n
tcp-check expect rstring ^HTTP/1.1\ 204
hash-type consistent # optional
server socks5-1 127.0.0.1:1081 check
server socks5-2 127.0.0.1:1082 check
server socks5-3 127.0.0.1:1083 check
server socks5-4 127.0.0.1:1084 check
-------------
But, this time, when I starting the haproxy with the above config, I
meet the following errors:
--------------------
$ sudo haproxy -db -f haproxy.cfg.test
[WARNING] 172/103332 (31229) : Server socks5-balance/socks5-4 is DOWN,
reason: Layer7 invalid response, info: "TCPCHK did not match content
'<05>' at step 5", check duration: 382ms. 3 active and 0 backup
servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
[WARNING] 172/103332 (31229) : Server socks5-balance/socks5-1 is DOWN,
reason: Layer7 timeout, info: " at step 5 of tcp-check (expect string
'<05>')", check duration: 2000ms. 2 active and 0 backup servers left.
0 sessions active, 0 requeued, 0 remaining in queue.
[WARNING] 172/103333 (31229) : Server socks5-balance/socks5-2 is DOWN,
reason: Layer7 timeout, info: " at step 5 of tcp-check (expect string
'<05>')", check duration: 2001ms. 1 active and 0 backup servers left.
0 sessions active, 0 requeued, 0 remaining in queue.
[WARNING] 172/103333 (31229) : Server socks5-balance/socks5-3 is DOWN,
reason: Layer7 timeout, info: " at step 5 of tcp-check (expect string
'<05>')", check duration: 2000ms. 0 active and 0 backup servers left.
0 sessions active, 0 requeued, 0 remaining in queue.
[ALERT] 172/103333 (31229) : proxy 'socks5-balance' has no server available!
--------------------
How to solve this issue, thanks for your time.
Regards
--
Hongsheng Zhao <[email protected]>
Institute of Semiconductors, Chinese Academy of Sciences
GnuPG DSA: 0xD108493
