Re: Question about httplog and backend prot
Am 24.05.2019 um 16:30 schrieb Moemen MHEDHBI: > > On 19/05/2019 00:28, Aleksandar Lazic wrote: >> Hi. >> >> I have the following setup [snipp] >> What variable can I use for the log to see which protocol is used for the >> backend, as with htx the frontend can have different http proto then the >> backend? >> >> I haven't seen any variable in the custom log fields which reflects the >> backend >> protocol. >> https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#8.2.4 >> >> Best regards >> Aleks > > Hey Aleksandar, > > Is "bc_http_major" what you are looking for? > https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#7.3.3-bc_http_major > > But in this case it will be always http1 since there is no alpn > directive in the server line. > > Unless you're looking for the http protocol in the frontend side and > this can be fetched with fc_http_major. > > Anyway you can use the following log-line to see both: > > log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC > %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r > proto_frontend:%[fc_http_major] proto_backend:%[bc_http_major]" Thanks I have overseen it. Regards Aleks
Re: Question about httplog and backend prot
On 19/05/2019 00:28, Aleksandar Lazic wrote: > Hi. > > I have the following setup > > ``` > frontend public_ssl > > bind :::443 v4v6 > > option tcplog > > tcp-request inspect-delay 5s > tcp-request content capture req.ssl_sni len 25 > tcp-request content accept if { req.ssl_hello_type 1 } > > # https://www.haproxy.com/blog/introduction-to-haproxy-maps/ > use_backend > %[req.ssl_sni,lower,map(/usr/local/etc/haproxy/tcp-domain2backend-map.txt)] > > default_backend be_sni > > backend be_sni > server fe_sni 127.0.0.1:10444 weight 10 send-proxy-v2-ssl-cn > > frontend https-in > > # terminate ssl > bind 127.0.0.1:10444 accept-proxy ssl strict-sni alpn h2,http/1.1 crt > /usr/local/etc/haproxy-certs > > mode http > option forwardfor > option httplog > option http-use-htx > option http-ignore-probes > > # https://www.haproxy.com/blog/introduction-to-haproxy-maps/ > use_backend > %[req.hdr(host),lower,map(/usr/local/etc/haproxy/http-domain2backend-map.txt)] > > #- > # backends > #- > > backend nextcloud-backend > mode http > option http-use-htx > option httpchk GET / HTTP/1.1\r\nHost:\ cloud.Domain.com > server short-cloud 127.0.0.1:81 check > ``` > > I know that the backend can't handle h2. > The log line looks like this. > > ``` > :::Client-IP:4552 [18/May/2019:18:21:33.886] https-in~ > nextcloud-backend/short-cloud 0/0/0/53/53 200 691 - - 21/3/0/0/0 0/0 "GET > /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/2.0" > ``` > > What variable can I use for the log to see which protocol is used for the > backend, as with htx the frontend can have different http proto then the > backend? > > I haven't seen any variable in the custom log fields which reflects the > backend > protocol. > https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#8.2.4 > > Best regards > Aleks Hey Aleksandar, Is "bc_http_major" what you are looking for? https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#7.3.3-bc_http_major But in this case it will be always http1 since there is no alpn directive in the server line. Unless you're looking for the http protocol in the frontend side and this can be fetched with fc_http_major. Anyway you can use the following log-line to see both: log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r proto_frontend:%[fc_http_major] proto_backend:%[bc_http_major]" -- Moemen
Question about httplog and backend prot
Hi. I have the following setup ``` frontend public_ssl bind :::443 v4v6 option tcplog tcp-request inspect-delay 5s tcp-request content capture req.ssl_sni len 25 tcp-request content accept if { req.ssl_hello_type 1 } # https://www.haproxy.com/blog/introduction-to-haproxy-maps/ use_backend %[req.ssl_sni,lower,map(/usr/local/etc/haproxy/tcp-domain2backend-map.txt)] default_backend be_sni backend be_sni server fe_sni 127.0.0.1:10444 weight 10 send-proxy-v2-ssl-cn frontend https-in # terminate ssl bind 127.0.0.1:10444 accept-proxy ssl strict-sni alpn h2,http/1.1 crt /usr/local/etc/haproxy-certs mode http option forwardfor option httplog option http-use-htx option http-ignore-probes # https://www.haproxy.com/blog/introduction-to-haproxy-maps/ use_backend %[req.hdr(host),lower,map(/usr/local/etc/haproxy/http-domain2backend-map.txt)] #- # backends #- backend nextcloud-backend mode http option http-use-htx option httpchk GET / HTTP/1.1\r\nHost:\ cloud.Domain.com server short-cloud 127.0.0.1:81 check ``` I know that the backend can't handle h2. The log line looks like this. ``` :::Client-IP:4552 [18/May/2019:18:21:33.886] https-in~ nextcloud-backend/short-cloud 0/0/0/53/53 200 691 - - 21/3/0/0/0 0/0 "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/2.0" ``` What variable can I use for the log to see which protocol is used for the backend, as with htx the frontend can have different http proto then the backend? I haven't seen any variable in the custom log fields which reflects the backend protocol. https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#8.2.4 Best regards Aleks