V1.9 SSL engine and ssl-mode-async is unstable

HI HAProxy Team,: I am trying to use Intel qat work with HAProxy-1.9.0, but it work very unstable. and i had other try HAProxy-1.8.16 and it work will, How can i find what is wrong? 1.8.16 and 1.9.0 use same hardwave and system to running and compile, and use the same config file, the attach file

Re: [PATCH] CLEANUP: h2: Remove debug printf in mux_h2.c

On Fri, Jan 25, 2019 at 12:56:59AM +0100, Tim Duesterhus wrote: > It was introduced by 1915ca273832ba542d72eb0645dd7ccb6d5b945f > and should be backported to 1.9. Oops, and I was very careful when rebasing my patches :-( Thanks Tim, Willy

h1-client to h2-server host header / authority conversion failure.?

Hi List, Attached a regtest which i 'think' should pass. **   s1    0.0 === expect tbl.dec[1].key == ":authority" s1    0.0 EXPECT tbl.dec[1].key (host) == ":authority" failed It seems to me the Host <> Authority conversion isn't happening properly.? But maybe i'm just making a mistake

Re: DDoS protection: ban clients with high HTTP error rates

I've been doing something similar for years. No need for fail2ban. frontend fe-main acl host_dynamic hdr_dom(host) -i newgrounds.com acl limit_exceeded sc1_http_err_rate(be-dynamic) gt XXX tcp-request content track-sc1 src table be-dynamic if host_dynamic use_backend be-rate-limit if

[PATCH] CLEANUP: h2: Remove debug printf in mux_h2.c

It was introduced by 1915ca273832ba542d72eb0645dd7ccb6d5b945f and should be backported to 1.9. --- src/mux_h2.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/mux_h2.c b/src/mux_h2.c index 586ff516..2972ca29 100644 --- a/src/mux_h2.c +++ b/src/mux_h2.c @@ -2092,8 +2092,6 @@ static int

Re: H2 Server Connection Resets (1.9.2)

Hi Luke, On Wed, Jan 23, 2019 at 05:16:04PM +, Luke Seelenbinder wrote: > Hi Willy, > > This is all very good to hear. I'm glad you were able to get to the bottom of > it all! > > Feel free to send along patches if you want me to test before the 1.9.3 > release. I'm more than happy to do

Re: haproxy 1.9.2 with boringssl

Am 24.01.2019 um 15:09 schrieb Aleksandar Lazic: > Am 24.01.2019 um 03:49 schrieb Willy Tarreau: >> On Wed, Jan 23, 2019 at 09:37:46PM +0100, Aleksandar Lazic wrote: >>> >>> Am 23.01.2019 um 21:27 schrieb Willy Tarreau: On Wed, Jan 23, 2019 at 09:08:00PM +0100, Aleksandar Lazic wrote: >

Re: haproxy 1.9.2 with boringssl

Am 24.01.2019 um 03:49 schrieb Willy Tarreau: > On Wed, Jan 23, 2019 at 09:37:46PM +0100, Aleksandar Lazic wrote: >> >> Am 23.01.2019 um 21:27 schrieb Willy Tarreau: >>> On Wed, Jan 23, 2019 at 09:08:00PM +0100, Aleksandar Lazic wrote: Should it be possible to have fe with h1 and be server