use very high
BDP paths
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
-jonah
-Original Message-
From: David Birdsong [mailto:david.birds...@gmail.com]
Sent: Friday, September 18, 2009 3:06 PM
To: haproxy
Subject: artificial maxconn imposed
On Tue, Sep 29, 2009 at 10:30 AM, Willy Tarreau w...@1wt.eu wrote:
On Tue, Sep 29, 2009 at 09:56:51AM -0700, Jonah Horowitz wrote:
Here's the output of top on the system:
top - 09:50:36 up 4 days, 18:50, 1 user, load average: 1.31, 1.59, 1.55
Tasks: 117 total, 2 running, 115 sleeping, 0
This isn't haproxy related, but this list is so knowledgable on
network problems.
I'm troubleshooting our slow webserver and I've drilled down to a TCP
handshake taking up to 10 seconds. This handshake doesn't actually
really start until the client sends it's 3rd syn. The first 2 syn's
are
problem before with lighttpd. it is quite
verbose about running out of file descriptors.
-Original Message-
From: David Birdsong [mailto:david.birds...@gmail.com]
Sent: Wednesday, October 21, 2009 7:07 AM
To: John Lauro
Cc: haproxy
Subject: Re: slow tcp handshake
On Wed, Oct 21
that nothing shows, as most 0 values are not printed. You could check
for anything else that looks strange under netstat -s
-Original Message-
From: David Birdsong [mailto:david.birds...@gmail.com]
Sent: Wednesday, October 21, 2009 7:07 AM
To: John Lauro
Cc: haproxy
Subject: Re: slow
From the manual:
snip
hdr(name) The HTTP header name will be looked up in each HTTP request.
Just as with the equivalent ACL 'hdr()' function, the header
name in parenthesis is not case sensitive. If the header is
absent or if it does not
i see that POST is a valid httpchk parameter, but without ripping
twisted apart, i'm not sure how it could allow an empty POST through
to code that could return a 200 or 204.
has anybody already gone through this?
On Wed, Dec 23, 2009 at 10:07 PM, David Birdsong
david.birds...@gmail.com wrote:
On Wed, Dec 23, 2009 at 9:57 PM, Willy Tarreau w...@1wt.eu wrote:
On Wed, Dec 23, 2009 at 09:48:15PM -0800, David Birdsong wrote:
i see that POST is a valid httpchk parameter, but without ripping
twisted apart
On Wed, Dec 23, 2009 at 11:27 PM, Willy Tarreau w...@1wt.eu wrote:
On Wed, Dec 23, 2009 at 10:52:52PM -0800, David Birdsong wrote:
this can be dropped for now. it turns out that twisted doesn't
actually return error codes when you instruct it to. it puts the
error codes in the xml response
I wonder about this with all the servers/proxies I work with. HAproxy
can write to a unix socket, is there any reason why it can't listen
on one?
I have a setup where I string a few servers together over
localhosI wonder about this with all the servers/proxies I work with. HAproxy
can write to
this for HTTP too. I wanted to extend the bind statement
to support unix-domain socket paths, but this remained very low in
my priority list. I know that David Birdsong (CCed) was interested
in this too, though I don't know if he had any time to look at that.
I would also love this option
I'm curious what others are doing to achieve high connection rates
-say 10Kconnections/ second.
We're serving objects averaging around 100KB, so 10K/sec is a fully
utilized 1G ethernet card. I'd like to safely hit 7-800 Mb/sec, but
interrupts are just eating the machine alive.
Before adjusting
This is really cool.
I recently wrote a script to do a 'slow down' that writes decreasing
percentages to the stats socket over a configurable time window.
It would be really cool to be able to use the slow start logic
internal to haproxy combined with this command to implement all of
what I
On Sat, Jan 30, 2010 at 1:04 AM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Fri, Jan 29, 2010 at 03:58:09PM -0800, David Birdsong wrote:
I'm curious what others are doing to achieve high connection rates
-say 10Kconnections/ second.
We're serving objects averaging around 100KB, so 10K
On Sun, Jan 31, 2010 at 12:24 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Sun, Jan 31, 2010 at 11:41:20AM -0800, David Birdsong wrote:
we serve media. i double checked the average size simply by reading
content length values and averaging them for every 100 and 1000
requests over a 5
On Fri, Feb 5, 2010 at 7:50 PM, Greg Gard gg...@carepaths.com wrote:
hi,
i would like to be able to pause traffic for a minute or so whilst i
reload rails servers to use a different database. i have three
different webservers and can probably write a script to nolb one
server, reboot with
I'm autogenerating haproxy configs on some of our front ends and
appending a growing set of IP addresses that we'll ban. Does this
scale well in haproxy? Can I expect performance to drop as the list
grows and grows or is this implemented in a way that scales pretty
horizontally?
On Thu, Feb 25, 2010 at 12:48 AM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Wed, Feb 24, 2010 at 06:06:26PM -0800, David Birdsong wrote:
I'm autogenerating haproxy configs on some of our front ends and
appending a growing set of IP addresses that we'll ban. Does this
scale well
2010/2/25 XANi xani...@gmail.com
Hi
Dnia 2010-02-25, czw o godzinie 15:35 -0800, David Birdsong pisze:
On Thu, Feb 25, 2010 at 12:48 AM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Wed, Feb 24, 2010 at 06:06:26PM -0800, David Birdsong wrote:
I'm autogenerating haproxy configs
On Mon, Mar 8, 2010 at 2:29 AM, Stefan Johansson phu...@hotmail.com wrote:
Obviously this is seemingly not related to haproxy, but in case anyone might
have an idea...
I've been trying more with lighttpd with max connections set to 2048 and it
is still reaching the connection limit.. and this
On Sat, Apr 10, 2010 at 11:08 AM, Dirk Taggesell
dirk.tagges...@googlemail.com wrote:
On Thu, Apr 8, 2010 at 10:57 PM, Willy Tarreau w...@1wt.eu wrote:
In 1.4 you should probably use hash-type consistent to avoid redispatching
everyone when one server falls down.
Thanks for eyplaining,
On Wed, Jun 9, 2010 at 8:55 AM, Rapsey rap...@gmail.com wrote:
I use it to dispatch to another app. As for ordering, I think you would need
to do it from the app if I understand your use case correctly.
Sergej
It's true that X-Accel-Redirect would require this chaining logic in
your app. If
I'm pretty excited to start using halog, but dumping out the usage is
about the only documentation I can turn up -which is not explaining
anything to me. Is there anything more substantial on how to use
halog?
On Wed, Jun 9, 2010 at 10:09 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Wed, Jun 09, 2010 at 04:37:28PM -0700, David Birdsong wrote:
I'm pretty excited to start using halog, but dumping out the usage is
about the only documentation I can turn up -which is not explaining
anything to me
If you want haproxy to load balance across your databases and do so by
some value in the traffic, you'll need to expose your database via a
protocol that haproxy supports.
Write an RPC service that speaks HTTP and have haproxy load balance
across your RPC servers using HTTP values. This is
On Thu, Oct 7, 2010 at 1:01 PM, Maurice Kelly
list-hapr...@chatswood.org.uk wrote:
Hi,
I've been trying out HAProxy 1.4.8 on RHEL 6 beta (running kernel
2.6.32-44.1.el6.x86_64).
I created a very simple configuration with which I'd been testing with and
without the option splice-response
On Wed, Dec 8, 2010 at 6:13 PM, Bryan Talbot btal...@aeriagames.com wrote:
See the architecture doc section 4.3
http://haproxy.1wt.eu/download/1.3/doc/architecture.txt
-Bryan
When a new haproxy pid is started after it sends a SIGTTOU to the
prior running haproxy pid, what is the state of the
Hey Willy,
Haproxy rocks!
I've been using slowstart lately and was wondering if it would be
possible to add the opposite--something like 'slowdeath'. Some
external event would trigger, perhaps a very specific HTTP code, or a
command coming through the control socket, haproxy would un-weight the
On Mon, Dec 20, 2010 at 12:25 AM, Willy Tarreau w...@1wt.eu wrote:
On Sun, Dec 19, 2010 at 11:35:37PM +0100, Bedis 9 wrote:
Hey,
A slowdown would be interesting if you want to avoid any huge traffic
to be redirected to quickly to other backends.
That's the only use I can think of, and I
On Mon, Mar 14, 2011 at 8:15 PM, g...@desgames.com g...@desgames.com wrote:
Actually, I should clarify something. We don't really actually want the
'black hole' situation I described - instead, what we want is for haproxy to
accept and queue the messages that come in from the requesting server,
your normal backend. if
another is true, use your backup.
there might be better ways to do this in just the backend itself also.
Thanks,
Guy
On Mon, Mar 14, 2011 at 5:34 PM, David Birdsong david.birds...@gmail.com
wrote:
On Mon, Mar 14, 2011 at 8:15 PM, g...@desgames.com g...@desgames.com
this line in my haproxy config:
acl bad_guys_ip hdr(X-Forwarded-For) -f /etc/haproxy/block_ip.txt
will block a single ip, but i can't figure out the syntax for specifying a
subnet
this block_ip.txt blocks my ip
snip
# comment lines ok
# block an ip
x.x.x.86
# block a subnet doesn't work for
On Fri, Mar 18, 2011 at 4:56 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Thu, Mar 17, 2011 at 04:17:15AM -0400, David Birdsong wrote:
this line in my haproxy config:
acl bad_guys_ip hdr(X-Forwarded-For) -f /etc/haproxy/block_ip.txt
will block a single ip, but i can't figure out
I don't think you'll find NAT capabilities in any proxy. I think a
fair distinction between a proxy and a NAT device is:
- a proxy actually listens and will call accept to create a separate
socket connection with both client and server
- a NATing device doesn't know about sockets at all and will
On Thu, Mar 24, 2011 at 5:27 PM, Ben Timby bti...@gmail.com wrote:
On Thu, Mar 24, 2011 at 4:59 PM, Jason J. W. Williams
jasonjwwilli...@gmail.com wrote:
Hi All,
I'm trying to find documentation on configuring HAProxy to do half-NAT, but
can't seem to find any. Does HAProxy not support
I'm in the process of trying to debug a somewhat sluggish set of
backends. The backends are ~20 python tornado web servers that
implement a simple blocking db call to mongodb. I would theorize that
the request rate can overload the number of backends and their ability
to service periodically when
-0700, David Birdsong wrote:
I'm in the process of trying to debug a somewhat sluggish set of
backends. The backends are ~20 python tornado web servers that
implement a simple blocking db call to mongodb. I would theorize that
the request rate can overload the number of backends and their ability
I've poured over 1.5 docs, and I'm pretty sure this should be
possible. Is there a way to extract a header string from an http
header and track that in a stick-table of type 'string'? If so, what
is the syntax, where does the extraction take place?
Also, is there any way to concatenate two
On Sat, Aug 27, 2011 at 5:26 AM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Thu, Aug 25, 2011 at 12:28:43PM -0700, David Birdsong wrote:
I've poured over 1.5 docs, and I'm pretty sure this should be
possible. Is there a way to extract a header string from an http
header and track
On Mon, Aug 29, 2011 at 1:46 PM, Willy Tarreau w...@1wt.eu wrote:
On Mon, Aug 29, 2011 at 01:40:53PM -0700, David Birdsong wrote:
On Mon, Aug 29, 2011 at 1:36 PM, Willy Tarreau w...@1wt.eu wrote:
On Mon, Aug 29, 2011 at 12:22:18PM -0700, David Birdsong wrote:
On Sat, Aug 27, 2011 at 5:26 AM
On Tue, Aug 30, 2011 at 4:04 PM, Baptiste bed...@gmail.com wrote:
On Wed, Aug 31, 2011 at 12:37 AM, David Birdsong
david.birds...@gmail.com wrote:
On Tue, Jun 14, 2011 at 10:41 PM, Willy Tarreau w...@1wt.eu wrote:
On Tue, Jun 14, 2011 at 04:43:47PM -0700, John Fieber wrote:
I want to create
There are simple ways and big fancy ways.
I'd recommend a simple way to start out. DNS can serve more than 1 ip
address for a single name via 2 or more A records.
On Wed, Jan 4, 2012 at 6:48 PM, S Ahmed sahmed1...@gmail.com wrote:
How is it possible for a single domain like www.example.com
I set out to leverage gpc's and stick tables a few months back, but
alas was stopped in my tracks as only layer 4 data is useful to match
on. The info I'd need to work with would be found in HTTP headers, ie.
X-Forwarded-For or some other sort of of custom header.
Please correct me if I'm wrong.
On Mon, Feb 27, 2012 at 9:12 AM, hapr...@serverphorums.com wrote:
Sweet researching this for past week so very timely! Thanks
---
posted at http://www.serverphorums.com
http://www.serverphorums.com/read.php?10,452070,452187#msg-452187
On Sat, Mar 31, 2012 at 7:55 PM, Kevin Heatwole ke...@heatwoles.us wrote:
I am just investigating use of haproxy for the first time.
I'd like the balancing algorithm to send http request to the first server in
the list until the number of requests hits a configurable number. When the
On Tue, Apr 3, 2012 at 1:42 AM, Guillaume Demillecamps
guilla...@multipurpose.be wrote:
Hello all,
I am starting to hit some limitations in haproxy's configuration options !
I have decided to use this product to sit in front of a cloud environment
hosting several websites as I have used it
Hi, I've got a situation where I need to update haproxy every 1-2
mins to apprise it of a new list of ip addresses to tarpit.
I've rigged up a fairly hacky pipeline to detect scrapers on our site
based on entries found X-Forwarded-For. To get around the fact the
stick-table entries are only
work either, iptables works on TCP/IP not HTTP
i'd like to keep IP blocking in haproxy.
On Apr 23, 2012, at 2:45 PM, David Birdsong wrote:
Hi, I've got a situation where I need to update haproxy every 1-2
mins to apprise it of a new list of ip addresses to tarpit.
I've rigged up a fairly
On Mon, Apr 23, 2012 at 5:07 PM, Kevin Heatwole ke...@heatwoles.us wrote:
On Apr 23, 2012, at 7:31 PM, David Birdsong wrote:
...
- nginx is already in front of haproxy, but nginx is not the first
listener, so it sees the IP addresses as HTTP headers too. the last
time I checked nginx only
On Mon, Apr 23, 2012 at 10:47 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Mon, Apr 23, 2012 at 11:45:51AM -0700, David Birdsong wrote:
Hi, I've got a situation where I need to update haproxy every 1-2
mins to apprise it of a new list of ip addresses to tarpit.
I've rigged up a fairly
On Tue, Apr 24, 2012 at 12:21 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Tue, Apr 24, 2012 at 11:46:52AM -0700, David Birdsong wrote:
i'm not seeing my response that swear i sent last night...
I swear I didn't see it :-)
so strange, gmail doesn't even have a saved draft to recall
Is there a way to set the maxqueu for an entire backend? I set maxqueu
on default-server to 1, and on the frontend ACL required that
connslots be greater than 1. I expected connslots to be maxconn * num
server + 1 * num servers (connections + queue slots).
I found that the backend still queued
in a manual, but to link
out to this discussion would be so awesome.
maybe this what stackexchange could be used for, but it'd require us
to copy and replay the whole discussion.
On Tue, Jun 05, 2012 at 06:17:15PM -0700, David Birdsong wrote:
Is there a way to set the maxqueu for an entire backend
On Tue, Apr 24, 2012 at 2:33 PM, David Birdsong
david.birds...@gmail.com wrote:
On Tue, Apr 24, 2012 at 2:18 PM, David Birdsong david.birds...@gmail.com
wrote:
On Tue, Apr 24, 2012 at 12:21 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Tue, Apr 24, 2012 at 11:46:52AM -0700, David
On Wed, Jul 18, 2012 at 3:01 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Thu, Jul 12, 2012 at 11:56:40AM -0700, David Birdsong wrote:
On Tue, Apr 24, 2012 at 2:33 PM, David Birdsong
david.birds...@gmail.com wrote:
On Tue, Apr 24, 2012 at 2:18 PM, David Birdsong david.birds
On Tue, Aug 7, 2012 at 11:51 PM, Andrew Davidoff david...@qedmf.net wrote:
Willy,
Thanks for the quick response. I haven't fully digested your example
suggestion yet but I will sit down with it and the haproxy configuration
documentation and sort it out in my brain.
Here's the basic idea of
I've got a backend where the balancing is done via url hash (consistent.)
I set default-server maxconn to 4 and I notice that when one of the servers
hit it's maxconn, it queued requests on the server and didn't get
redistributed to other servers in the backend. The backend queue has
remained 0.
On Thu, Jul 18, 2013 at 1:49 PM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Thu, Jul 18, 2013 at 11:56:13AM -0700, David Birdsong wrote:
I've got a backend where the balancing is done via url hash (consistent.)
I set default-server maxconn to 4 and I notice that when one
On Thu, Jul 18, 2013 at 3:12 PM, Willy Tarreau w...@1wt.eu wrote:
On Thu, Jul 18, 2013 at 02:37:16PM -0700, David Birdsong wrote:
A tuneable would be interesting to have, but how would you envision the
implementation? In the case of consistent hashing, would the request be
re-routed
On Fri, Mar 7, 2014 at 1:08 AM, Dmitry Sivachenko trtrmi...@gmail.comwrote:
On 07 марта 2014 г., at 13:02, Willy Tarreau w...@1wt.eu wrote:
On Fri, Mar 07, 2014 at 01:01:04PM +0400, Dmitry Sivachenko wrote:
Now it behaves almost this way but without honoring specified
weights.
We
Before or after haproxy setuid's?
Could I get more clarification on %ms or accept date milliseconds?
I'm not sure what that phrase means. Is it simply the number of
milliseconds after the timestamp?
Is this a valid use of that field?
%Ts.%ms
...can I add it to the timestamp to get more precise log time?
I'm having trouble getting a rand acl to pass the configuration test. When
did rand show up? I don't see mention of it here:
http://haproxy.1wt.eu/download/1.5/src/CHANGELOG
I'm running 1.5-dev22-1a34d57
Error message:
unknown fetch method 'rand' in ACL expression 'rand()
config line:
acl
On Mon, Mar 31, 2014 at 9:35 PM, Cyril Bonté cyril.bo...@free.fr wrote:
Hi,
Le 31/03/2014 22:26, David Birdsong a écrit :
I'm having trouble getting a rand acl to pass the configuration test.
When did rand show up? I don't see mention of it here:
http://haproxy.1wt.eu/download/1.5/src
congrats!
On Thu, Jun 19, 2014 at 12:54 PM, Willy Tarreau w...@1wt.eu wrote:
Hi everyone,
The list has been unusually silent today, just as if everyone was waiting
for something to happen :-)
Today is a great day, the reward of 4 years of hard work. I'm announcing
the
release of HAProxy
It's not zookeeper backed, but I'm curious if anybody's using:
https://github.com/kelseyhightower/confd to rewrite haproxy config and
reloading.
On Thu, Jul 10, 2014 at 12:19 AM, Зайцев Сергей Александрович
s.zayt...@r-style.com wrote:
Hi, thanks!
Looking forward to look at it and try to
Wow, this is a really informative blog post. Thanks for sharing!
I'm curious, did you weight the costs of simply converting your proxies to
run on one of the BSD's? As I understand it, their implementation of
SO_REUSEPORT would mean zero downtime reloads just work as
hoped-for/expected.
On Mon,
On Sat, Apr 11, 2015 at 2:16 AM, Willy Tarreau w...@1wt.eu wrote:
Hi David,
On Thu, Apr 09, 2015 at 04:01:44PM -0700, David Birdsong wrote:
Ok, false alarm.
We have corruption in our log parsing stream so that's what the rest of
my
week will be centered around.
OK, cool
great, thanks!
On Tue, Apr 28, 2015 at 12:56 PM, Cyril Bonté cyril.bo...@free.fr wrote:
Hi David,
Le 28/04/2015 21:46, David Birdsong a écrit :
I'm only looking for the presence of a header to set an ACL, nothing more.
header is XAMGIF
conf snippet:
acl anim_gif req.fhdr_cnt(XAMGIF) 1
I'm only looking for the presence of a header to set an ACL, nothing more.
header is XAMGIF
conf snippet:
acl anim_gif req.fhdr_cnt(XAMGIF) 1
this correct?
Greetings, I hope the rewrite from C-Lua is going well...
I'm looking to trace down a weird scenario that might be a bug. We're
running: 1.5.2. Our backend is configured w/ a 500ms timeout queue and we
consistent hash on uri for load balancing.
For requests logged as termination 'SQ' that
We key some alerts off of haproxy stats;csv and I'm trying to wrap my head
around a suspiciously low 5xx counter for a given server in a backend that
was spewing 503's and 500's in it's own log.
How does the 5xx counter for a given server get incremented in the case of
a backend connection reset?
Can maps be used with 'use-server' in listen or backend sections similarly
to how it can be used with 'use_backend'?
On Sat, Nov 14, 2015 at 1:06 PM Baptiste wrote:
> On Sat, Nov 14, 2015 at 3:21 PM, SL wrote:
> > Hi,
> >
> > We have quite a large number of
On Sat, Dec 12, 2015 at 12:57 PM, Cyril Bonté <cyril.bo...@free.fr> wrote:
> Hi,
>
> Le 12/12/2015 21:42, David Birdsong a écrit :
>
>> This one is pretty simple:
>>
>>
>> `
>> acl a_new_backend hdr_dom(host) -i api.company.com path_beg -i /
On Sat, Dec 12, 2015 at 9:59 PM, Michael Ezzell <mich...@ezzell.net> wrote:
>
> On Dec 12, 2015 8:39 PM, "David Birdsong" <david.birds...@gmail.com>
> wrote:
> >
> >> You can try something like :
> >> acl API_HOST hdr_dom(host)
On Wed, Feb 3, 2016 at 7:48 PM Willy Tarreau <w...@1wt.eu> wrote:
> Hi David,
>
> On Tue, Feb 02, 2016 at 11:56:25PM +, David Birdsong wrote:
> > Has nobody else run into this w/ consul? Given the plethora of tools
> around
> > consul and haproxy and templ
I've been running into a problem for a few weeks that I was hoping to see
disappear w/ a simple upgrade to 1.6.3.
I'm using consul and it's templating to dynamically expand a backend list
which then runs an haproxy reload using the init scripts in the contrib dir.
I haven't been able to trace
On Wed, Feb 3, 2016 at 3:05 AM Vincent Bernat <ber...@luffy.cx> wrote:
> ❦ 3 février 2016 00:11 GMT, David Birdsong <david.birds...@gmail.com> :
>
> > I'm not using consul but am using haproxy in a docker container
> > and reloading when backend hosts c
Has nobody else run into this w/ consul? Given the plethora of tools around
consul and haproxy and templating, I know others are using reloads to keep
backend current, but the old haproxy PIDs stick around listening w/
incorrect backends.
On Thu, Jan 28, 2016 at 8:52 PM David Birdsong
On Thu, Jan 28, 2016 at 6:35 PM, Pavlos Parissis <pavlos.paris...@gmail.com>
wrote:
> On 28/01/2016 10:35 μμ, David Birdsong wrote:
> > I've been running into a problem for a few weeks that I was hoping to
> > see disappear w/ a simple upgrade to 1.6.3.
> >
&g
On Fri, Apr 22, 2016 at 11:56 PM Cyril Bonté <cyril.bo...@free.fr> wrote:
> Hi David,
>
> Le 23/04/2016 04:27, David Birdsong a écrit :
> > predefined acl's dont work w/ integer comparison either, but calculating
> > the value and doing the integer comparison di
Oh, great thanks!
On Thu, Apr 14, 2016 at 11:50 PM Willy Tarreau <w...@1wt.eu> wrote:
> Hi David,
>
> On Fri, Apr 15, 2016 at 03:35:11AM +, David Birdsong wrote:
> > Is there anyway to use:
> >
> > http-request set-var()
> >
> > to set a var
We're emitting chunked encoded response bodies, but we would like to write
a value similar to content-length but as a trailer. Is there a way to
capture trailing headers?
I have a frontend in mode tcp that I use to switch inbound traffic between
a syslog backend(raw tcp) and an http backend.
I've been using this setup for over a year with little issue, but I think
I've been missing a case that is now more prevalent with more traffic.
Given the frontend config:
Queue Cur is a gauge and so not representative of historical values.
Queue Max of zero is telling though.
In addition to queue timeout, there are other ways haproxy can synthesize
an http response on behalf of the backend server. Check for connection
errors.
On Wed, Sep 7, 2016 at 12:15 PM
On Wed, Sep 28, 2016 at 2:51 AM Lukas Tribus <lu...@gmx.net> wrote:
> Hi David,
>
>
> Am 28.09.2016 um 00:40 schrieb David Birdsong:
> > I managed to disable keepalive properly and now I see the problem
> > completely resolve itself.
> >
> > Is there
I managed to disable keepalive properly and now I see the problem
completely resolve itself.
Is there some way to use mixed-content frontends w/ a previously opened
connection and still detect HTTP (the default HTTP acl)?
On Mon, Sep 26, 2016 at 11:10 AM David Birdsong <david.birds...@gmail.
I'm using haproxy to create an identifier using an upstream response header
like so:
http-response set-header X-R-ID %[res.hdr("X-Used-Params"),djb2(1),hex]
I'm having trouble getting haproxy to log this value with the additional
capture header that should get routed to my custom http log:
n you try using this config in the following order:
>
> 1/ declare capture response len 12 id 0
> 2 http-response set-header X-R-ID %[res.hdr("X-Used-Params"),djb2(1),hex]
> 3/ http-response capture hdr(X-R-ID) id 0
>
> ++
>
>
that worked! thanks.
> On 24/1
love socklog!
i use it combined w/ s6-log https://skarnet.org/software/s6/s6-log.html
On Mon, Nov 5, 2018 at 11:55 PM Aleksandar Lazic wrote:
> Hi.
>
> In the meantime you can use Socklog [1] or fluent-bit [2] to listen to
> syslog and write to stdout as I use it in my Image. Pay attention
Thanks!
On Tue, Nov 5, 2019, 1:04 AM Baptiste wrote:
> Hi there,
>
> David Birdsong reported a bug last week about http do-resolve action not
> using the DNS cache.
> The patch in attachment fixes this issue.
> There is no github issue associated to this bug.
> Backpor
On Wed, Oct 30, 2019, 9:58 AM Baptiste wrote:
>
>
> On Tue, Oct 29, 2019 at 8:18 PM David Birdsong
> wrote:
>
>> I should have put the haproxy version in the mail too:
>>
>> haproxy 2.0.8
>>
>> On Tue, Oct 29, 2019 at 3:07 PM David Birdsong
>>
On Wed, Oct 30, 2019 at 11:39 AM Baptiste wrote:
> Thanks!
>>
>> It had that feel to it...seemed like a cache lock timeout and/or somehow
>> tied to the request interval.
>>
>>
> I think I know where to fix this behavior in the code. I will work on the
> "how to fix it" later tonight.
> In the
Hi, I'm trying to figure out whether the following tuneables apply only to
bound HTTP sockets ou
tune.h2.header-table-size
tune.h2.initial-window-size
tune.h2.max-concurrent-streams
I'm just curious: what replaces monitor-uri? I'm putting up a new proxy
tier at my new company and can steer to use the more up-to-date method, but
combing the docs and nothing jumps out at me.
I'm guessing something in either http-re{quest,response}, but I don't see
anything that synthesizes
On Mon, Oct 28, 2019 at 12:27 PM Aleksandar Lazic
wrote:
> Am 27.10.2019 um 20:16 schrieb David Birdsong:
> > I'm just curious: what replaces monitor-uri? I'm putting up a new proxy
> tier at
> > my new company and can steer to use the more up-to-date method, but
>
I've narrowed down a behavior that I think might be a bug, but is
definitely not ideal.
This minimal configuration copies header: X-Host into Host and performs a
dynamic DNS query against that field name, stores the output in a txn var,
and then uses a backend whic sets the dest ip to that txn
I should have put the haproxy version in the mail too:
haproxy 2.0.8
On Tue, Oct 29, 2019 at 3:07 PM David Birdsong
wrote:
> I've narrowed down a behavior that I think might be a bug, but is
> definitely not ideal.
>
> This minimal configuration copies header: X-Host into Host
98 matches
Mail list logo