Hi!
First of all I'd like to thank you for such a great software, as Haproxy
is. It is really one of the best opensource projects. And I'm your happy
user for many years :)
But now, I need help in troubleshooting. Recently I've tried to use
distributed sticky-tables, but for some reason they're not synced between
hosts (sometimes they really do, sometimes not).
I have a haproxy-config which looks like following:
peers slb_local
peer slb1 2a02:6b8:0::1:1666
peer slb2 2a02:6b8:0::2:1666
frontend test
…
stick-table type ipv6 size 100 peers slb_local store
http_req_rate(10s),http_err_rate(10s),conn_rate(10s)
http-request track-sc0 src
…
I have only one client on top of haproxy. Tcpdump shows some traffic over
port tcp/1666 between hosts (connections are established, no firewall
problems here). But counters differ both in 1.7.9 haproxy and 1.8.0
versions of haproxy.
When both balancers are serving requests:
‘echo "show table test" | socat stdio /var/run/haproxy.sock’ from slb1:
# table: test, type: ipv6, size:100, used:1
0x7f2a38592b84: key=fdee:fdee:0:3400::2:225 use=34 exp=0
conn_rate(1)=15905 http_req_rate(1)=15905 http_err_rate(1)=0
>From slb2:
# table: test, type: ipv6, size:100, used:1
0x7fccb877bb24: key=fdee:fdee:0:3400::2:225 use=28 exp=0
conn_rate(1)=15941 http_req_rate(1)=15941 http_err_rate(1)=0
When one of them is blocked with firewall from external traffic:
# table: test, type: ipv6, size:100, used:1
0x7f2a38592b84: key=fdee:fdee:0:3400::2:225 use=94 exp=0
conn_rate(1)=32786 http_req_rate(1)=32786 http_err_rate(1)=0
# table: test, type: ipv6, size:100, used:1
0x7fccb877bb24: key=fdee:fdee:0:3400::2:225 use=0 exp=0 conn_rate(1)=0
http_req_rate(1)=0 http_err_rate(1)=0
Version:
HA-Proxy version 1.8.0-4 2017/11/29
Copyright 2000-2017 Willy Tarreau
Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4
-Wformat -Werror=format-security -D_FORTIFY_SOURCE=2
OPTIONS = USE_GETADDRINFO=1 USE_ZLIB=1 USE_REGPARM=1 USE_THREAD=1
USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1 USE_TFO=1 USE_NS=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with OpenSSL version : OpenSSL 1.0.1f 6 Jan 2014
Running on OpenSSL version : OpenSSL 1.0.1f 6 Jan 2014
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.1
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE version : 8.31 2012-07-06
Running on PCRE version : 8.31 2012-07-06
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built with zlib version : 1.2.8
Running on zlib version : 1.2.8
Compression algorithms supported : identity("identity"),
deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with network namespace support.
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace
--
Best regards,
Maksim Kupriianov