Dear list!

Author: Sven Ulland <sven.ulland+git...@xeneta.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   MINOR: connection: add TCP keep-alive parameters

Patch title(s): 
   MINOR: connection: add TCP keep-alive parameters

Link:
   https://github.com/haproxy/haproxy/pull/252

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/252.patch && vi 252.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/252.patch | git am -

Description:
   Add configuration parameters to control TCP keep-alives:
   * tcp-
   keepalive-time: Idle time before keep-alive probes are sent
   * tcp-
   keepalive-interval: Interval between keep-alive probes
   * tcp-
   keepalive-count: Number of keep-alive probes to send before giving up
   Tested with TCP and HTTP, and with different settings in the default,
   listen, frontend and backend sections.
   
   Potential issues:
   * Only tested on Linux.
   * Darwin `#ifdef TCP_KEEPALIVE`
   implemented but untested.
   * No Windows support.
   Rationale:
   * HAProxy only allows enabling/disabling TCP keep-
   alives; not controlling parameters.
   * System default parameters
   controllable using sysctl.
   * System defaults apply to all
   connections. Default idle time: 7200 seconds, as required by RFC 1122.
   * The `sysctl` command does not work on Docker containers due to read-
   only procfs.
   * The Docker `privileged` flag could have worked, but
   is unsupported on AWS Fargate.
   * The Docker `sysctl` flag could
   have worked, but is unsupported on AWS Fargate.
   * The Docker Linux
   capability flags could have worked, but are unsupported on AWS
   Fargate.
   * I'm behind a Cisco Meraki NAT gateway that has a fixed
   TCP NAT timeout of 300 seconds, meaning connections are dropped before
   the TCP keep-alive idle time kicks in (default 7200 seconds on Linux).
   Meraki support confirms the fixed 300 second timeout.
   * Instead of
   requiring all clients to increase the TCP keep-alive probe frequency,
   fix it centrally by enabling parameters in HAProxy.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

Reply via email to