Re: haproxy doesn't reuse server connections

In other words, you may want to enable "option prefer-last-server". But in such case, you won't load-balance anymore (all requests should go to the same server. Baptiste On Fri, Jul 27, 2018 at 7:09 PM, Cyril Bonté wrote: > Hi Alessandro, > > > Le 27/07/2018 à 17:50, Alessandro Gherardi a

Re: SNI matching issue when hostname ends with trailing dot

Hi Warren, As far as I know this is by design. If you do not want this behavior you need to use strict-sni in your bind statement. Regards Sander > On 27 Jul 2018, at 12:47, Warren Rohner wrote: > > Hi HAProxy list > > Just thought I'd resend this report from May in case it was missed.

Re: haproxy doesn't reuse server connections

Hi Alessandro, Le 27/07/2018 à 17:50, Alessandro Gherardi a écrit : Hi, I'm running haproxy 1.8.12 on Ubuntu 14.04. For some reason, haproxy does not reuse connections to backend servers. For testing purposes, I'm sending the same HTTP request multiple times over the same TCP connection.

[PATCH] MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed

Willy, attached is an updated patch that: 1. Only converts the addresses to IPv6 if at least one of them is IPv6. But it does not convert them to IPv4 if both of them can be converted to IPv4. 2. Does not copy the whole `struct connection`, but performs the conversion inside

haproxy doesn't reuse server connections

Hi,I'm running haproxy 1.8.12 on Ubuntu 14.04. For some reason, haproxy does not reuse connections to backend servers. For testing purposes, I'm sending the same HTTP request multiple times over the same TCP connection. The servers do not respond with Connection: close and do not close the

Possibility to modify PROXY protocol header

Hi, is there any possibilty to modify the client ip in the PROXY Protocol header before it is send to a backend server? My use case is a local integration/functional testing suite (multiple local docker containers for testing the whole stack - haproxy, cache layer, webserver, etc.). I would

Performance of using lua calls for map manipulation on every request

Hi, We are doing about 10K requests/minute on a single haproxy server, we have enough CPUs and memory. Right now each requests looks up a map for backend info. It works well. Now we need to build some expire logic around the map. Like ignore some entries in the map entries after some time. I

Re: SNI matching issue when hostname ends with trailing dot

Hi HAProxy list Just thought I'd resend this report from May in case it was missed. If it's a non-issue, I apologise. Regards Warren At 15:47 2018/05/22, Warren Rohner wrote: Hi HAProxy list We use an HAProxy 1.7.11 instance to terminate SSL and load balance 100+ websites. The

Link Addition Request

Hey! I have a quick request for you. I'm just reaching out because I came across your domain where you have mentioned list of tools and domains that work on internet security and privacy. Must say you have done an amazing work. I was super impressed by it and wanted to reach out because the

Re: Connections stuck in CLOSE_WAIT state with h2

On Fri, Jul 27, 2018 at 10:28:36AM +0200, Milan Petruzelka wrote: > after 2 days I also have no blocked connections. There's no need to wait > until Monday as I suggested yesterday. Perfect, many thanks Milan. Willy

Re: Connections stuck in CLOSE_WAIT state with h2

On Fri, 27 Jul 2018 at 10:08, Willy Tarreau wrote: > Hi Olivier, > > On Fri, Jul 27, 2018 at 09:04:04AM +0200, Olivier Doucet wrote: > > 24 hours later, still no issue to be reported. All sessions are expiring > > just fine. I think you can merge :) > > Yes I think you're right, I'll do this, it

Re: Cannot unsubscribe

Hi John, On Fri, Jul 27, 2018 at 07:54:19AM +, John Lanigan wrote: > Hi, > > I would like to unsubscribe but from this list but cannot, we have changed > email domains and while I can receive on the old one I cannot send on it. > > > I tried mailing

Re: Connections stuck in CLOSE_WAIT state with h2

Hi Olivier, On Fri, Jul 27, 2018 at 09:04:04AM +0200, Olivier Doucet wrote: > 24 hours later, still no issue to be reported. All sessions are expiring > just fine. I think you can merge :) Yes I think you're right, I'll do this, it will at least help all the users who don't want to patch their

Cannot unsubscribe

Hi, I would like to unsubscribe but from this list but cannot, we have changed email domains and while I can receive on the old one I cannot send on it. I tried mailing haproxy+h...@formilux.org but just got back an automated response that said "Hello," Can

Re: lua socket settimeout has no effect

Thankyou Cyril, your patch fixed the connect issue. Read timeout still seems a bit weird though, at settimeout(1), readtimeout kicks in at about 4 seconds, and at settimeout(2), readtimeout kicks in at about 8 seconds. is that expected? I couldn't find read timeout explicitly set anywhere in the

Re: [PATCH] MINOR: ssl: BoringSSL matches OpenSSL 1.1.0

Hi Manu, On Wed, Jul 25, 2018 at 10:34:46AM +0200, Emmanuel Hocdet wrote: > It's ok because this function is inserted upper in the patch. > > As said, it's only a revert from 019f9b10 patches for openssl-compat.h. > From: > # Functions introduced in OpenSSL 1.1.0 and not yet present in LibreSSL

Re: Connections stuck in CLOSE_WAIT state with h2

Hello, 2018-07-26 11:09 GMT+02:00 Willy Tarreau : > Hi Olivier, > > On Thu, Jul 26, 2018 at 10:53:33AM +0200, Olivier Doucet wrote: > > Previous build: > > https://tof.cx/images/2018/07/26/f31243bfede22e20a7a991ae6c39506d.png > > (we can clearly see when reload happens :p) > > > > New build: >