Hi Fred,
#proxy/haproxy -V -d -f /proxy/lr.cfg -n 8192
Available polling systems :
select : pref=150, test result OK
kqueue : disabled, test result OK
poll : disabled, test result OK
Total: 3 (1 usable), will use select.
Using select() as the polling mechanism.
Does it work if you
Hi All,
I'm trying to collect some statistics of haproxy server. Here is what
I'm not able to understand.
If possible any body can help me out with this.
This is the command which is running and giving stats to collectd and
the graphs are generated on graphite.
echo 'show stat' |
Hello,
Ok, i update the server to 1.5 version but i have some troubles between
stick-table and the acl.
Before, i had:
listen host1 *:80
...
mode http
acl block_invalid_client hdr_sub(True-Client-IP) -f true-client-ip.lst
block if block_invalid_client
...
Now, i
HA-Proxy version 1.4.20 2012/03/10
Copyright 2000-2012 Willy Tarreau w...@1wt.eu
Build options :
TARGET = freebsd
CPU = generic
CC = gcc
Default settings :
maxconn = 1024, bufsize = 8030, maxrewrite = 1030, maxpollevents = 200
Encrypted password support via crypt(3): no
I run SSL Explorer to provide a secure(ish) method of accessing
internal resources.
I have HAProxy in front of SSL Explorer doing SSL termination (and
limiting the ciper choice to ameliorate BEAST etc).
I upgraded from 1.5dev18-30 to 1.5dev18-50 and the SSL Explorer agent
now fails to connect
Hi,
According to the ciphersuites, I hope to use ECC-based certificate and
RSA-based certificate.
This is possible?
Thanks,
seri
Hi Arne!
I'd be very happy to step through individual 1.5dev18 releases after
30 untill I find the one that breaks SSL Explorer, but I have a
slight problem in that I haven't got a clue on how to check out each
individual release from git.
You can use git bisect to do this:
On Thu, May 30, 2013 at 1:28 PM, Lukas Tribus luky...@hotmail.com wrote:
Hi Arne!
I'd be very happy to step through individual 1.5dev18 releases after
30 untill I find the one that breaks SSL Explorer, but I have a
slight problem in that I haven't got a clue on how to check out each
18-38 is fine, 18-39 it is broken.
18-39 would be the commit
http://git.1wt.eu/web?p=haproxy.git;a=commit;h=7c41a1b59b005a75914121a604ede449374b8de7
I've removed the other parts of the config, but the relevant sections
are of the haproxy.cfg look like
local@haproxy-2:~$ cat
On Thu, May 30, 2013 at 2:53 PM, shouldbe q931 shouldbeq...@gmail.com wrote:
18-38 is fine, 18-39 it is broken.
18-39 would be the commit
http://git.1wt.eu/web?p=haproxy.git;a=commit;h=7c41a1b59b005a75914121a604ede449374b8de7
working version haproxy -vv
HA-Proxy version 1.5-dev18-38
Hi Arne,
can you start haproxy with the debug options enabled (-d) and catch the
output while a request fails?
Thanks,
Lukas
On Thu, May 30, 2013 at 3:11 PM, Lukas Tribus luky...@hotmail.com wrote:
Hi Arne,
can you start haproxy with the debug options enabled (-d) and catch the
output while a request fails?
Thanks,
Lukas
I ran sudo haproxy -d -f /etc/haproxy/haproxy.cfg haproxy-d.log
21 to capture the log
# /proxy/haproxy -vv -c -f l2cr.cfg
Available polling systems :
kqueue : pref=300, test result OK
#proxy/haproxy -V -d -f /proxy/lr.cfg -n 8192
Available polling systems :
select : pref=150, test result OK
You are comparing two different configurations, are you sure non of them
Hello,
Lr.cfg and l2cr.cfg are both the same files :)
-Mensagem original-
De: Lukas Tribus [mailto:luky...@hotmail.com]
Enviada em: quinta-feira, 30 de maio de 2013 12:46
Para: Fred Pedrisa; haproxy@formilux.org
Assunto: RE: Help with kQueue
# /proxy/haproxy -vv -c -f l2cr.cfg
# ./haproxy -d -f /proxy/l2cr.cfg -n 8192
Available polling systems :
kqueue : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result FAILED
Total: 3 (2 usable), will use kqueue.
Using kqueue() as the polling mechanism.
Here is what happens
I continue trying configurations, looking in the list and some blogs, but i
can't ban ips from a stick table or i don't know how. The last that i try:
backend host:80
stick-table type ip size 1m store gpc0
http-request deny if hdr_sub(True-Client-IP) #How i check here if the
IIRC, the meanings are:
# 33. rate: number of sessions per second over last elapsed second
== Number of sessions initiated at the TCP level over the last second,
irrespective of the HTTP response.
# 39. hrsp_1xx: http responses with 1xx code
# 40. hrsp_2xx: http responses with 2xx code
#
Hi ,
Others who have found similar problems with openam application ,have solved it
by making changes in tomcat (That solution hasn't worked for us unfortunately)
,Hence the need to solve it at the ssl offloader software.
http://lists.forgerock.org/pipermail/openam/2011-June/001870.html
Hope
Hi Fred,
Here is what happens with the latest version, looks like it will use kqueue
!! but select fail ? :D
I guess you have a maxsock FD_SETSIZE condition, which in recent releases
disables select(). See [1] and [2].
I'm not sure what bug/change you run into, but I guess its enough to know
Hello,
Yes, surely !
Seems with kqueue the CPU usage, reduces in 50%, which is great.
I am using haproxy as a regular TCP Proxy for tcp applications (not for
websites).
Do you know if they plan to add FTP Protocol support ? I Know how to
configure it work with passive mode, which isn't hard,
20 matches
Mail list logo
