On Wed, Aug 16, 2017 at 10:27:58AM +0200, Maxim Bourmistrov wrote:
> 
> Once connection is established, state is created in PF. Subsequent requests 
> will be ???pipelined???.
> It is possible to influence this behavior by manipulating tcp.established in 
> pf.conf,
> but I don???t think this is what you want.
> 

This is not correct. The problem is keep-alive and the fact the once a
backend is selected by relayd it sticks to it until the session is closed.
This is a bug and something benno@ and I have on our radar to fix.

The workaround for now is to disable keep-alive this can be done by
adding:
        match header set "Connection" value "close"
to your config. The solution is not ideal and will make page load times
slower.

> > 16 aug. 2017 kl. 10:05 skrev Mischa Peters <obs...@high5.nl>:
> > 
> > Hi All,
> > 
> > I have somewhat the following config for relayd running on 6.1.
> > And I am trying to forward certain request paths to different hosts.
> > 
> > table <wwwhost> { xx.xx.xx.131 }
> > table <otherhost> { xx.xx.xx.31 }
> > http protocol httpsfilter {
> >       match request header remove "Proxy"
> >       match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
> >       match request header append "X-Forwarded-By" value 
> > "$SERVER_ADDR:$SERVER_PORT"
> > 
> >       match response header set "Server" value "Sever"
> >       match response header set "X-Powered-By" value "Power"
> >       match response header set "X-Frame-Options" value "SAMEORIGIN"
> >       match response header set "X-Xss-Protection" value "1; mode=block"
> >       match response header set "X-Content-Type-Options" value "nosniff"
> > 
> >       match request quick path "/crm/" forward to <otherhost>
> > 
> >       tcp { no splice }
> > }
> > relay host_tls {
> >       listen on $ext_addr_v4 port 443 tls
> >       listen on $ext_addr_v6 port 443 tls
> >       protocol httpsfilter
> >       forward to <wwwhost> port 80 check http "/" host example.com code 200
> >       forward to <otherhost> port 80
> > }
> > 
> > I have tried both "match request quick path" and "match request quick url" 
> > but what I noticed is that as soon as you have visited one of the URLs that 
> > needs forwarding to a different host you end up at the <otherhost> for all 
> > subsequent requests.
> > With "match request quick url" this is to be expected as it checks 
> > everything up to /.
> > 
> > For example:
> > 
> > http://example.com/ -> wwwhost
> > http://example.com/crm/ -> otherhost
> > http://exmaple.com/folder/ -> otherhost
> > 
> > Is this expected behaviour for "match request quick path" as well?
> > Is there any way to do this type of load balancing?
> > 
> > Thanx!!
> > 
> > Mischa
> > 
> 

-- 
:wq Claudio

Reply via email to