Can I perhaps do something like:
tcp-request content track-sc2 hdr(X-Forwarded-For)
acl conn_limit_hit sc2_conn_cur gt 2
?
Klavs Klavsen wrote on 03/24/2015 01:11 PM:
Hi,
We would like to limit how many connections a given IP can send to our
backend.
Our setup is like this:
haproxy -
No, Ha just replied with that same message to a ton of different
threads on the mailing list.
On Tue, Mar 24, 2015 at 6:10 AM, Pierre Ozoux pie...@ozoux.net wrote:
Hi!
I don't understand, do you mean that HAProxy OCSPStappling is easier now?
Can you point to the documentation?
Thanks,
Hi,
On Tue, Mar 24, Klavs Klavsen wrote:
#create a stick-table of 30 IPs for storing active IPs, 5 minute timeout
stick-table type ip size 30 expire 5m store gpc0
#populate the table with the X-Forwarded-For header
stick store-request hdr(X-Forwarded-For)
You've created type ip stick table,
Subject: Re: How can i get haproxy reload its configuration
From: Vincent Bernat
Date: 2015-03-24 12:07:34
Message-ID: 87619q61kp.fsf () zoro ! exoscale ! ch
⦠24 mars 2015 07:45 -0400, jeff saremi  :
#!/bin/sh
pidfile=/data/haproxy.pidhaproxy -db \
-f /haproxy-1.5.8/haproxy.cfg
hmm. it says:
: 'stick' ignored because frontend 'nocache' has no backend capability.
it seems it has to be on the backend..
When set on the backend, I get an entry in the list:
# table: kk.dk-ds-backend, type: ip, size:1024, used:1
0x14b25c8: key=10.27.174.10 use=0 exp=296637 server_id=0
I tried
acl allowed sc2_conn_cur lt 2
block unless allowed
it blocked every access :(
Klavs Klavsen wrote on 03/24/2015 01:19 PM:
Can I perhaps do something like:
tcp-request content track-sc2 hdr(X-Forwarded-For)
acl conn_limit_hit sc2_conn_cur gt 2
?
Klavs Klavsen wrote on 03/24/2015
Tried converting it to type: string.. but its always empty :(
# table: nocache, type: string, size:1024, used:0
# table: nocache, type: ip, size:30, used:0
The frontend config is:
mode http
acl allowed sc2_conn_cur lt 2
balance roundrobin
default_backend ds-backend
option httplog
Hi,
We would like to limit how many connections a given IP can send to our
backend.
Our setup is like this:
haproxy - varnish - haproxy - webservers
and we'd like to have the frontend behind varnish (we call it nocache :)
limit concurrent connections any IP can have.. (to 1 or 2 is the
Hi!
I don't understand, do you mean that HAProxy OCSPStappling is easier now? Can
you point to the documentation?
Thanks,
Pierre
Written with a mobile device, sorry for typos..
On 23 mars 2015, at 22:36, Ha Quan Le nlp...@shaw.ca wrote:
Thank you for support, we have fixed our issues.
❦ 24 mars 2015 07:45 -0400, jeff saremi jeffsar...@hotmail.com :
#!/bin/sh
pidfile=/data/haproxy.pidhaproxy -db \
-f /haproxy-1.5.8/haproxy.cfg -p $pidfile \
-sf $(cat $pidfile)
The shell does variable substitution first, then execute the
line. Hence, $pidfile is expanded to , not
I posted another question on this which i got no responses for:
http://marc.info/?l=haproxym=142670306228452w=2
Is there anything i am doing wrong? or this thing never worked?
I'm sure others have gone though this too. I'd appreciate any hints. thanks
Jeff
#!/bin/sh
Title: Grand National du Trot - Marseille Borely
Si vous ne voyez pas correctement ce message, visualisez notre version en ligne.
Pour tre sr de recevoir tous nos emails, ajoutez newslet...@email.zeturf.com votre carnet dadresses
Pour ne plus recevoir
i should probably add... setting all members to backups means of course
that only the first server to pass the check will actually receive traffic
(unless you're using option allbackups). this works perfectly for us, but
may not work for you depending on your use-case.
On Tue, Mar 24, 2015 at
Is this a feature of HaProxy? and if so what is the corresponding
option to enable it.
Basically, i want Harpoxy to resend the request which as already
received a 503 from one server, to another server in the same backend.
Thats not supported, no.
Lukas
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: Alan Fitton alan.fit...@ig.com
To: Willy Tarreau w...@1wt.eu
Cc: haproxy@formilux.org
Sent: Tuesday, March 24, 2015 2:01:59 PM
Subject: RE: HAProxy signal queue not working correctly
Hi,
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: jeff saremi jeffsar...@hotmail.com
To: haproxy@formilux.org
Sent: Tuesday, March 24, 2015 3:22:09 PM
Subject: RE: How can i get haproxy reload its configuration
From:
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: Klavs Klavsen k...@vsen.dk
To: Mark S. mark.staudin...@nyi.net, haproxy@formilux.org
Sent: Tuesday, March 24, 2015 10:56:03 AM
Subject: Re: limiting conn-curs per-ip using x-forwarded-for
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: Jim Gronowski jgronow...@ditronics.com
To: haproxy@formilux.org haproxy@formilux.org
Sent: Tuesday, March 24, 2015 1:25:33 PM
Subject: timeout values for redis?
Does anyone have any
Ha,
For my sanity, and probably the sanity of hundreds of others, could you
please stop doing whatever it is you are doing with your email client? This
mailing list is invaluable to me, but this extra nonsensical activity is
causing me to reconsider being a subscriber.
Thanks,
Andy
On Mar 24,
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: jeff saremi jeffsar...@hotmail.com
To: haproxy@formilux.org
Sent: Tuesday, March 24, 2015 8:52:20 AM
Subject: RE: How can i get haproxy reload its configuration
Subject: Re: How can i get
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: Jarno Huuskonen jarno.huusko...@uef.fi
To: Klavs Klavsen k...@vsen.dk
Cc: haproxy@formilux.org
Sent: Tuesday, March 24, 2015 9:23:04 AM
Subject: Re: limiting conn-curs per-ip using
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: Jarno Huuskonen jarno.huusko...@uef.fi
To: Klavs Klavsen k...@vsen.dk
Cc: haproxy@formilux.org
Sent: Tuesday, March 24, 2015 12:58:21 PM
Subject: Re: limiting conn-curs per-ip using
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: Martin Nikolov martin.martinniko...@gmail.com
To: haproxy@formilux.org
Sent: Tuesday, March 24, 2015 3:36:36 PM
Subject: using backend node details in acls/response manipulation
Hi guys,
Thanks, I sent request previously to you but I have done it.
Ha.
- Original Message -
From: jeff saremi jeffsar...@hotmail.com
To: haproxy@formilux.org
Sent: Tuesday, March 24, 2015 4:12:32 PM
Subject: Retrying a request on other servers
Is this a feature of HaProxy? and if so
Mark S. wrote on 03/24/2015 03:36 PM:
Hi Klavs,
Try using this in the backend section for the track-sc2 statement to use
the previous instance of the Forwarded-For header.
I have a version of this working in a similar fashion, but I am using a
stick-table type binary instead of string - it
Does anyone have any feedback on sane timeout values for load balancing redis?
The testing config I was using had 'timeout client 5' and I was getting
consistent client disconnects in the logs. I increased it to two minutes and
things have improved significantly, though I do see client
From: jeffsar...@hotmail.com
To: haproxy@formilux.org
Subject: RE: How can i get haproxy reload its configuration
Date: Tue, 24 Mar 2015 08:52:20 -0400
Subject: Re: How can i get haproxy reload its configuration From: Vincent
Bernat Date: 2015-03-24 12:07:34 Message-ID: 87619q61kp.fsf () zoro
Hi guys,
I'm wondering if it is possible to use things like selected backend node's
ip, name or port as variables. My goal is to set a header in the http
response with the selected backend's details to a certain set of source ip
addresses (hence the acl, which is the easy part). I searched in the
Is this a feature of HaProxy? and if so what is the corresponding option to
enable it.
Basically, i want Harpoxy to resend the request which as already received a 503
from one server, to another server in the same backend.
And i'd like to control how many tries to do.
I looked at that options:
Hi,
I've been trying out this logging, and a few variations of my own, on one of
the RHEL5 (2.6.18-371.9.1.el5) systems that was exhibiting the problem more
frequently.
I am seeing what you saw, signals queued and processed without any issue.. It's
strange, I can't figure out why the problem
30 matches
Mail list logo
