On 6/20/19 1:02 PM, William Dauchy wrote:
Hi Fred,
On Thu, Jun 20, 2019 at 09:44:51AM +0200, Frederic Lecaille wrote:
In fact it seems I have broken something and missed this case.
Here is a patch which should fix this issue.
Thanks for the patch, it fixes the issue.
From 1575a4bcdb52bbb86
On Thu, 20 Jun 2019 at 21:43, Michael Rennecke
wrote:
>
> Hello,
>
> I have also problems with h2 and http 1.1 backends (Apache/2.4.25, gogs)
> since the update on haproxy 2.0, see my build script. I would say, all
> domains with cookies are broken. Disable h2 or disable htx works works me.
This
Hello,
I have also problems with h2 and http 1.1 backends (Apache/2.4.25, gogs)
since the update on haproxy 2.0, see my build script. I would say, all
domains with cookies are broken. Disable h2 or disable htx works works me.
My config:
defaults
log global
modehttp
option h
Hello,
On Thu, 20 Jun 2019 at 18:28, Igor Pav wrote:
> On Thu, Jun 20, 2019 at 11:14 PM Lukas Tribus wrote:
> >
> > On Thu, 20 Jun 2019 at 09:24, Igor Pav wrote:
> > >
> > > Hi Lukas,
> > >
> > > Found when using h2, the request URI to squid is / without
> > > http://example.com/, so squid
Tried, still same result.
On Thu, Jun 20, 2019 at 11:14 PM Lukas Tribus wrote:
>
> On Thu, 20 Jun 2019 at 09:24, Igor Pav wrote:
> >
> > Hi Lukas,
> >
> > Found when using h2, the request URI to squid is / without
> > http://example.com/, so squid return 400 error...
>
> Can you disable htx
On Thu, 20 Jun 2019 at 09:24, Igor Pav wrote:
>
> Hi Lukas,
>
> Found when using h2, the request URI to squid is / without
> http://example.com/, so squid return 400 error...
Can you disable htx and check again:
no option http-use-htx
in the default section.
Lukas
Hello,
On Thu, 20 Jun 2019 at 14:49, wrote:
> I now used
>
> ssl_fc_sni_reg -i host3.intern
>
> I hope, this is also OK.
It's not.
You are already doing the right thing in the frontend, by content
switching based on the host header and not based on the SNI, so
please, don't rely on frontend SN
Am 2019-06-20 13:18, schrieb Lukas Tribus:
Hello,
you only enabled SNI for health checks (check-sni). You need to enable
SNI for the actual traffic with the sni keyword.
sni str(intern3.local)
or
sni hdr(host)
lukas
Ah, ok.
Thanks a lot!
I now used
ssl_fc_sni_reg -i host3.intern
I hope
Hello,
you only enabled SNI for health checks (check-sni). You need to enable SNI
for the actual traffic with the sni keyword.
sni str(intern3.local)
or
sni hdr(host)
lukas
Hi Fred,
On Thu, Jun 20, 2019 at 09:44:51AM +0200, Frederic Lecaille wrote:
> In fact it seems I have broken something and missed this case.
> Here is a patch which should fix this issue.
Thanks for the patch, it fixes the issue.
> From 1575a4bcdb52bbb8604521b6673557c178431deb Mon Sep 17 00:00:0
Hi,
likely, I'm the one doing something wrong, but I can't figure it out.
I have the following configuration:
frontend the_frontend
mode http
bind *:80
bind *:443 ssl crt /etc/haproxy/ssl/star.intern.pem
maxconn 2000
use_backend host1 if { hdr_dom(host) -i host1.intern }
use_back
On 6/20/19 12:59 AM, William Dauchy wrote:
Hello,
Hello William,
We are using "rate limiting" config such as the one mentioned below:
backend foo
stick-table type ip size 200k expire 30s store conn_rate(60s)
tcp-request content track-sc1 src
http-request deny deny_status 429 i
Hi Lukas,
Found when using h2, the request URI to squid is / without
http://example.com/, so squid return 400 error...
-vv
```
HA-Proxy version 2.1-dev0-1ae2a8-16 2019/06/19 - https://haproxy.org/
Build options :
TARGET = linux-glibc
CPU = generic
CC = gcc
CFLAGS = -O2 -g
13 matches
Mail list logo