On Saturday, January 17, 2015 11:09:27 PM Baptiste wrote: > Hi Benjamin, > > > 1) Logging performance data: > > A) How long before the page started putting out data? (implying > > that the > > > > server side is done processing, though not necessarily) > > > > B) How long did the whole cycle take from initial connection to > > end of > > > > download? > > Turn on "option httplog", these information are available (read the > relevant part of the documentation to find where).
I know I'm on the right track when I find that what I'm looking for is already in my face. I'd already turned on httplog but missed the Tq, Tw, Tc, Tr, Tt" part. Thanks! > > 2) Is there a way to anti-DDOS based on a cookie? (Really, we want to > > filter based on user/login but that isn't actually part of the HTTP > > session, that's determined by the cookie) W > > You can get inspired by these two articles: > http://blog.haproxy.com/2012/02/27/use-a-load-balancer-as-a-first-row-of-def > ense-against-ddos/ > http://blog.haproxy.com/2013/04/26/wordpress-cms-brute-force-protection-wit > h-haproxy/ > > It applies DDOS protection matching IPs. But HAProxy could perform the > same on a cookie. Nice, this is pretty much exactly what I was hoping for! > > 5) Is there a relatively simple way to get "true HA" with a redundant load > > balancer? We have two identical machines side-by-side running EL6 and > > haproxy, one is a disk dd of the other. In the past we used heartbeat > > with limited success; pacemaker has been very problematic for us. For > > now, we're managing manually. > > We use keepalived a lot :) .. as somebody else said. I'll be checking it out. This has been the smoothest product roll out I think I've seen in a production environment.