On 1/15/2015 1:30 PM, Shawn Heisey wrote:
> Let's say that I have a server named 'friday' in my backend, and it has
> "cookie friday" on the server line. Let's also say that the web server
> sets the JSESSIONID with that server name in it, like this:
>
> JSESSIONID=6ED8B9D4544820B2C073579E17BF3A6
Let's say that I have a server named 'friday' in my backend, and it has
"cookie friday" on the server line. Let's also say that the web server
sets the JSESSIONID with that server name in it, like this:
JSESSIONID=6ED8B9D4544820B2C073579E17BF3A67.friday
If I use "cookie JSESSIONID" in the backen
Lukas Tribus wrote, On 01/15/2015 09:06 PM:
Imagine the 192.168.100.100 is a public IP (for example 1.2.3.4),
and the others are private IPs as they indeed are (192.168.*).
The reason for me is to use internally (ie. between the proxy server
and the backend server) only the private IPs.
The rem
We enable send-proxy for ssl connections, and have the patched apache module to
deal with proxyprotocol.
>From Mac OS, we see it works as designed. But when we repeat the same test
>using ipad, then we the connection rejected. iPad cannot establish the
>connection to haproxy over ssl.
What sho
> Imagine the 192.168.100.100 is a public IP (for example 1.2.3.4),
> and the others are private IPs as they indeed are (192.168.*).
> The reason for me is to use internally (ie. between the proxy server
> and the backend server) only the private IPs.
The remote IP that your backend sees will be t
Lukas Tribus wrote, On 01/15/2015 08:31 PM:
As said in the inital posting, the IP of the proxy server is 192.168.100.100
and public port 1234; it needs to be forwarded to the 2nd IP 192.168.100.101
port 5678, and from there to the backend server 192.168.100.102:.
The key question is: what
> As said in the inital posting, the IP of the proxy server is 192.168.100.100
> and public port 1234; it needs to be forwarded to the 2nd IP 192.168.100.101
> port 5678, and from there to the backend server 192.168.100.102:.
The key question is: what is the reason you don't bind to 192.168.1
Hi!
> just a thought... wouldn't it make sense to add an option to "tcp-request
> connection reject" to disable the actual TCP RST?
I don't see how. The socket is immediately close()'ed when it hits "tcp-request
connection reject", this is as cheap as it gets.
> So, an attacker tries to (keep
Lukas Tribus wrote, On 01/15/2015 07:24 PM:
Portforwarding to a different IP on the same haproxy-box causes haproxy behave
buggy.
This error happens when one uses the TPROXY target for portforwarding,
ie. like this:
Let's say the IP of the main interface is 192.168.100.100,
and traffic from ou
Hi!
> Hello folks,
>
> I'd like to use the proxy / webirc feature of ngIRCd. For that, it is
> required that the proxy sends the following command at the beginning of
> the communication :
>
> WEBIRC
>
> (see http://ngircd.barton.de/doc/Protocol.txt, section II.4)
>
> How can I do this in my
Hi,
> Portforwarding to a different IP on the same haproxy-box causes haproxy behave
> buggy.
> This error happens when one uses the TPROXY target for portforwarding,
> ie. like this:
>
> Let's say the IP of the main interface is 192.168.100.100,
> and traffic from outside to port 1234 shall be f
We use leastconn to work arond Java apps having to GC (so GCing machine
gets less connections while full GC runs).
The "problem" with using it for HTTP is that it can be pretty uneven
with a lot of short-lived connections, but so far that was not a problem for
us, we usually use leastconn on app
Hello,
Wishing you all the best for Mobile World Congress Mar-2 -5 2015.
I understand that you are one of the exhibitors in Mobile World Congress
Mar-2 -5 2015. Would you be interested in acquiring an attendee list (or)
sending a pre-conference invitation to attendees?
We can also pr
Hi,
I have no words to thank you.
I hope to show a example config (relevant lines) for example below.
stick mysrcandpathcombo
stick-table type binary 8 size 10m expire 3m store gpc0_rate
stick on base32+src
I still don't understand what to use in a acl.
Regards,
~~
Hi Vivek,
You're correct. I think the situation was that there was a huge influx
of traffic, and some servers went over their tipping point of how much they
can handle quickly. This caused connections to stack up as some servers
choked. Would leastconn give the same perfornance as roundrobin?
I see roubdrobin working perfectly over here. Look at sessions total and
see how they are same for every server.
It seems that all your requests are not the same workload. Some servers or
some requests are taking longer to fulfill and increasing load on servers.
Have you tried using leastconn inst
16 matches
Mail list logo