Thank you Willy!
A
On Wed, Sep 9, 2020 at 1:31 PM Willy Tarreau wrote:
> On Wed, Sep 09, 2020 at 07:20:17PM +0200, Willy Tarreau wrote:
> > Feel free to pick this patch if that helps for your builds, I'm going
> > to backport it to 2.2 once all platforms are happy.
>
> All builds are OK now, th
Correct.. this is arm based on my side as well.
Sent from my Pixel 3XL
On Tue, Sep 8, 2020, 5:47 PM Vincent Bernat wrote:
> ❦ 8 septembre 2020 16:13 -04, Alex Evonosky:
>
> > Just compiling 2.2.3 and getting this reference:
> >
> >
> > /haproxy-2.2.3/src/thr
Hello Haproxy group-
Just compiling 2.2.3 and getting this reference:
/haproxy-2.2.3/src/thread.c:212: undefined reference to `_Unwind_Find_FDE'
Is there a new lib thats required?
Thank you!
Thank you Willy. That did it!
Great work!
Sent from my Pixel 3XL
On Mon, Dec 16, 2019, 11:50 PM Willy Tarreau wrote:
> Hello Alex,
>
> On Mon, Dec 16, 2019 at 01:22:42PM -0500, Alex Evonosky wrote:
> > Hello Haproxy group-
> >
> > migrating from haproxy
Hello Haproxy group-
migrating from haproxy 2.0 to 2.1 and noticed some directives changed:
=== 2.0.10 ===
capture request header origin len 128
http-response add-header Access-Control-Allow-Origin %[capture.req.hdr(0)]
if { capture.req.hdr(0) -m end aiqwest.com }
http-response add-header Access
after compiling the new 2.0.1, it seems the HTTP2 issue *we were seeing* on
2.0 but not on 1.9.8 are fixed.
Thank you.
On Thu, Jun 27, 2019 at 7:19 AM Aleksandar Lazic wrote:
> Am 26.06.2019 um 19:28 schrieb Christopher Faulet:
> > Hi,
> >
> > HAProxy 2.0.1 was released on 2019/06/26. It added
Jeff
>
>
> On 20/05/2019 17:48, Alex Evonosky wrote:
>
> example:
>
> pod1:
>
> primary: 1.1.1.2
> secondary: 1.1.1.3
> virtual: 1.1.1.1
>
>
> pod2:
>
> primary: 1.1.1.5
> secondary: 1.1.1.6
> virtual: 1.1.1.4
>
>
> The mechanism to utiliz
, 2019 at 11:37 AM Jeff Abrahamson wrote:
> Thanks, Alex.
>
> I'd understood that, but not the mechanism. Each host has an A record.
> Did I miss a DNS mapping type for virtual addresses? Or do the two hosts
> run a protocol between them and some other party? (But if one of
gt; Anecdotally, I noticed a while back that Google and others, which used to
> have DNS resolutions from one name to multiple IP's, now resolve to a
> single IP.
>
> Jeff Abrahamson
> http://p27.eu/jeff/
> http://transport-nantes.com/
>
>
> On 20/05/2019 15:04, Al
You could make it a bit more agile and scale it:
you can run them in "pods", such as two haproxy instances running
keepalived between them and use the ViP IP as the DNS record, so if an
HAproxy instance was to die, the alternate HAproxy instance can take over.
Set more pods up and use DNS round ro
the docs.
On reflection I was not able to discern the distinction of the sample fetch
keyword list and the ACL keyword list in payload.c. I hope that having added
this to the sample fetch list only was correct, even though it does not match
the example set by "req_s
Hi Willy,
Thanks for the generous review and pointers - that does sound much better and
appears to work well for the ClientHellos I have tried. Sorry for not posting
this as RFC.
Alex
- Original message -
From: Willy Tarreau
To: Alex Zorin
Cc: haproxy@formilux.org
Subject: Re
Unfortunately I attached the wrong patch file. Attaching in reply.
Alex
On Sun, Dec 30, 2018, at 2:20 PM, Alex Zorin wrote:
> Hello,
>
> The attached patch adds acl support for the TLS ALPN extension
> (RFC7301) extension via "req.ssl_alpn", in a similar vein to
>
Hello,
The attached patch adds acl support for the TLS ALPN extension (RFC7301)
extension via "req.ssl_alpn", in a similar vein to "req.ssl_sni".
It is useful for pass-thru of TLS connections in scenarios like ACME's
tls-alpn-01.
Thank you
Alex>From 8008e5e8f237
Hi haproxy.org,
Hope you are doing fantastic.
I am Alex Sr. Web Analyzer having 9+ years of experience in Search Engine
Marketing, Social media Marketing, Content Marketing, Pay-per-click, Video
Marketing etc.
While analyzing your website, we tracked some pitfalls for which your
website doesn’t
Hi haproxy.com,
Hope you are doing fantastic.
I am Alex Sr. Web Analyzer having 9+ years of experience in Search Engine
Marketing, Social media Marketing, Content Marketing, Pay-per-click, Video
Marketing etc.
While analyzing your website, we tracked some pitfalls for which your
website doesn’t
Tim-
I can speak from a production point of view that we had HAproxy on the 1.6
branch inside docker containers for mesos load balancing with pretty much
the same requirements as you spoke of. After compiling Haproxy to the 1.8x
branch the same config worked without issues.
-Alex
On Mon, Jul
Congratulations!
On Mon, Nov 27, 2017 at 8:41 AM, Arnall wrote:
> Le 26/11/2017 à 19:57, Willy Tarreau a écrit :
>
>> Hi all,
>>
>> After one year of intense development and almost one month of debugging,
>> polishing, and cross-review work trying to prevent our respective
>> coworkers
>> from w
Hi,
I have contacted you about sponsorship. Have you received the letter?
Looking forward to your reply,
Best regards,
Alex Smith.
On Пт, 13 окт 2017 10:37:50 + Alex Smith
<a...@bestvpnrating.com> wrote
Hello!
My name is Alex and I represent the w
Hello!
My name is Alex and I represent the website bestvpnrating.com
Our company is aimed at sponsoring your project. How can we be listed among
your sponsors?
Looking forward to your reply,
Best regards,
Alex Smith.
Hello!
My name is Alex and I represent the website bestvpnrating.com
Our company is aimed at sponsoring your project. How can we be listed among
your sponsors?
Looking forward to your reply,
Best regards,
Alex Smith.
Hello!
Hope your day is going well!
My name is Alex and I’m a representative of the site bestvpnrating.com.
The aim of our site is to provide recent news about VPN services and
cybersecurity at large. Actually, you may visit the site to ascertain.
I would like to know is it possible to add
Hi there,
Our company is using LUA scripting a lot, and I've discovered some missing
functions in the code. We've made a patch to fill these gaps, but I don't
know how to make a pull request. So, I've made a copy of the haproxy
repository and pushed my changes there. It's based on latest developme
Hi there.
I'm moving some code to HAProxy (LUA) and struggling with missing (or
undocumented) functionality:
1. I'm modifying request headers in action context before passing it to
web-servers, but can't access URL/query string (looks like it's only
available with AppletHTTP class in service conte
Haproxy 1.6.15 crashes with following error
haproxy[24074]: segfault at 3dbed94000 ip 003dbea897fb sp
7fffc7278e68 error 4 in libc-2.12.so[3dbea0+18a000]
Hi Ben
Thanks for the great responses, a pair of haproxies isn't quite a pair of
f5's yet!!!
We really wanted to ensure we had tested the current capabilities as far as
we could.
Cheers
Alex
On 24 February 2016 at 02:34, Benjamin Lee
wrote:
> [...] *snip*
>
>
as if i am missing something from the haproxy configuration that
means the 2 instances are not sharing their state.
configs are available, but its all pretty standard and follows the docs
Thanks in advance for any help
Alex
while "draining" with set
weight 0 if using server-state-file feature.
Is this correct ?
Thank you,
Alex
On Thu, Jan 21, 2016 at 9:00 PM, Willy Tarreau wrote:
> Hi,
>
> On Wed, Jan 20, 2016 at 10:53:46AM +0200, Alex wrote:
> > Hello,
> >
> > I've foun
2
issues that I have - state DRAIN is not preserved after a reload (this
issue has a higher weight :) ) and state DRAIN is not highlighted blue in
the stats page, I need to use set weight 0.
Do you think these can be considered bugs and have a chance to be solved ?
Regards,
Alex S
On Wed, Jan 20,
es, if any ?
Also, the server line from stats should become blue for status change to
DRAIN, or my test result is the expected behavior ?
Thank you,
--
Alex S
Hi Guys , how do unsubscribe :)
Thanks
Alex
> On Dec 3, 2015, at 2:35 AM, Willy Tarreau wrote:
>
> On Wed, Dec 02, 2015 at 11:28:28AM +, David Carlier wrote:
>> Hi all,
>>
>> Here it is a slight change, the DeviceAtlas module logging is silented by
>>
pth %d - activating hideously dirty hack :)\n",depth);
ERR_clear_error();
return 1;
}
If the depth is greater than 0 you're verifying the revocation status of a
CA certificate. If the error code is 3 it corresponds to
X509_V_ERR_UNABLE_TO_GET_CRL as per the OpenSSL x509_vfy.h
Ricardo F writes:
>
> Hello,
> Thanks for the responses, At least i found that my tought are correct.
>
> If you have enought time, Willy, i will read the explanation gladly but if
someone are in the same situation as me, this is other workaroung:
>
> rspidel ^X-[abcdefghiklmnopqrstuvw
Seu cliente de e-mail não pode ler este e-mail.
Para visualizá-lo on-line, por favor, clique aqui:
http://comprasnoparaguay23.net/display.php?M=426&C=0756d1e8cdaf638b4892e93319565405&S=6&L=1&N=1
Para parar de receber nossos
Emails:http://comprasnoparaguay23.net/unsubscribe.php?M=426&C=0756d1e8cd
Seu cliente de e-mail não pode ler este e-mail.
Para visualizá-lo on-line, por favor, clique aqui:
http://comprasnoparaguay23.net/display.php?M=426&C=0756d1e8cdaf638b4892e93319565405&S=2&L=1&N=1
Para parar de receber nossos
Emails:http://comprasnoparaguay23.net/unsubscribe.php?M=426&C=0756d1e8cd
We have
HAProxy running on GlusterFS
and geting “connection refuse , port map failure “ any ideas ?
Alex
Thanks much :)
Alex
On May 20, 2015, at 9:34 AM, Shawn Heisey wrote:
> On 5/20/2015 9:59 AM, Alex wrote:
>> Do I need rpcbind runing on haproxy , ? we are trying to use the haproxy
>> to load balance across GlusterFS for NFS using mode tcp
>> but i get connection refuse
Do I need rpcbind runing on haproxy , ? we are trying to use the haproxy to
load balance across GlusterFS for NFS using mode tcp
but i get connection refused port 111 .
n admin
bind17.199.146.184:80
modehttp
stats enable
stats uri /stats
On May 19, 2015, at 12:14 PM, Tim wrote:
> maybe you want to share your configs?
>
> On 19.05.2015 21:00,
using haproxy getting connection refused on portmaper
any suggestion
thanks
Alex
sl.
What should we debug further?
Alex
correvct for tcp mode.
Alex
> From: luky...@hotmail.com
> To: alex_wu2...@hotmail.com; haproxy@formilux.org
> Subject: RE: what is the proper configuration for using send-proxy with SSL
> Date: Mon, 5 Jan 2015 20:08:31 +0100
>
> > Hi Lucas,
> >
> > Thank you very much
Hi Lucas,
Thank you very much for assuring me that tcp mode is OK. I used ported code to
patch up the backend server to support this.
Might you tell me at what step of SSL negotiation, that the line of
proxyprotocol is inserted, so I can debug the code a little bit?
Alex
> From: l
Thanks.
It seems that haproxy needs to terminate ssl connection and start another ssl
connecion to the backend to get it work. (HAProxy in HTTP mode?)
Using tcp mode of haproxy, it seems that SSL connction negotiation can not be
started.
Alex
> From: luky...@hotmail.com
> To: al
option of
send-proxy to send client src ip to the backend server.
Is this possible?
Alex
Title: Alex coach séduction
Cliquez ici pour lire cet e-mail dans votre navigateur. Elle est Inaccessible? Raison de plus pour l’Aborder
unsubscribe
Same for me now. It was fixed shortly after I sent the email.
Cheers,
Alex
On 19-Dec-13 5:07 PM, Mark Janssen wrote:
Not for me...
Quick News
Dec 17th, 2013 : 1.5-dev21
Several early testers reported a few annoying bugs yesterday, so I
preferred to fix them quickly and issue another release
snapshots links to:
http://haproxy.1wt.eu/download/1.3/src/snapshot/
--
Alex Pop
table webservers | socat /var/lib/haproxy/stats - | fgrep
4start_of_session
>From my config, it was also important to store text not binary data in the
table.
-Alex
On Sat, Mar 2, 2013 at 5:32 PM, Alex Davies wrote:
> I was trying to troubleshoot this with a packet dump on the "peer
ation for multi peer persistence based
on a cookie that I could test, by chance?
Thanks,
-Alex
IE/Chrome/FF. But i'm not quite sure where to put this,
so i've left it out; if you think this would be helpful i'd be very happy
to add it.
Thanks,
Alex
On Sun, Feb 10, 2013 at 10:23 PM, Willy Tarreau wrote:
> Hi Alex,
>
> On Sun, Feb 10, 2013 at 08:46:46PM +,
This change makes the "crt" block of the documentation easier to use
for those not clear on what needs to go in what file, specifically for
those using CAs that require intermediate certificates.
---
doc/configuration.txt | 44 +---
1 files changed, 29 ins
00
server ww2 10.99.99.202:80 weight 6 check observe layer4 inter 1
server ww3 10.99.99.203:80 weight 10 check observe layer4 inter 1
...
Thanks,
Alex
On Sun, Feb 10, 2013 at 9:47 PM, Baptiste wrote:
> Hi,
>
> It's weird you don't need the store-response.
chain in the link is fantastic. Thanks guys!
Thanks,
-Alex
[1] Godaddy ask you to choose your type of SSL provider. I selected "nginx"
as I have used that before, but for some reason it does not provide the
intermediate certificate in this case. Select Apache Tomcat to get a zip
fi
didnt see anything in the logs about the peers, nor anything in the haproxy
status URL. Obviously if the peering were to silently break down, this
would be bad for me!
Thanks,
-Alex
On Fri, Feb 8, 2013 at 4:22 AM, Baptiste wrote:
> ahah, you can call me Baptiste :)
>
> You miss
that this will only mean that
sessions become "persistant" once PHPSESSID is set. So, to translate into
practicality, as long as the login page creates the relevant cooke (and it
does not subsequently change once logged in), this should work nicely.
Thanks,
-Alex
On Sun, Feb 3,
end up with a
Thanks,
-Alex
Right now it is just a proof of concept idea. Part of the problem is that F5
the we own does not do reverse proxying,. At least not without running an iRule
that no one on their support department will support you on. Unless I am
completely missing something.
- Alex
From: Jeffrey
client. I do
have haproxy sending out the X-Forwarded-For. But the f5 does not see it.
Anyone have an example of how scenario like this would work? Do I need to
modify haproxy or is this an f5 issue?
Thank you again in advance..
[circle]<http://www.suny.edu/>
Alex DeMarco
Mana
That is pretty awesome, Willy, thank you for sharing!
Thank you.. However, I a have a followup.. What does it mean when I get this:
'stats' ignored because frontend 'myfrontend-80' has no backend capability?
Even though I have a default backend defined?
Thanks again.
- Alex
From: Baptiste [mailto:bed...@gmail
from
123.456.789.99 for example.
thanks!
[circle]<http://www.suny.edu/>
Alex DeMarco
Manager of Technical Services
The State University of New York
State University Plaza - Albany, New York 12246
Tel: 518.320.1398Fax: 518.320.1550
Be a part of Generation SUNY: Facebook<http://ww
Hi Willy,
I never replied to this mail, my apologies!
Thank you for your suggestions. Sadly, in our case, neither approach works
- but it was worth asking you first. I solved our problem with something
that executes right at the start of our application,
Thank you!
Alex
On Wed, Nov 28, 2012
working for
other parts.
- Alex
-Original Message-
From: Baptiste [mailto:bed...@gmail.com]
Sent: Tuesday, December 18, 2012 2:43 PM
To: DeMarco, Alex
Cc: haproxy@formilux.org
Subject: Re: Passing host head to the backend
Hi,
Nothing to do, it will pas it straight away, unless you tell
- Alex
Thank you, I have this working..
- Alex
Original message
From: Willy Tarreau
Date: 12/14/2012 2:48 AM (GMT-05:00)
To: "DeMarco, Alex"
Cc: haproxy@formilux.org
Subject: Re: Re-encrypt to the backend
Hi Alex,
On Fri, Dec 14, 2012 at 12:58:17AM +, DeMarco,
them and send them to the backend because
the backend http server is expecting an ssl connection.
Can I do this in haproxy? If so, could you give me some pointers? Thanks!
Alex
I got it working.. thank you
- Alex
From: DeMarco, Alex [mailto:alex.dema...@suny.edu]
Sent: Friday, December 07, 2012 7:18 PM
To: haproxy@formilux.org
Subject: Stats error
I am trying to get stats enable to work.
However, every time I try to start haproxy I get the following error
I am trying to get stats enable to work.
However, every time I try to start haproxy I get the following error:
'stats' ignored because frontend has no backend capability.
I have backend rules in place so I am not sure what else I am missing..
Any ideas?
Thank you..
Alex
Question, on demo.1wt.eu what was used to create this? Is it a function in
HAProxy? I've been looking thru the doc and cannot seem to find it.
Thank you.
- Alex
Thanks I have it working..
Alex
Baptiste wrote:
Hi Alex,
by default, IIS will export the cert in a PKCS12 format, you have to
translate it into PEM format.
When exporting, don't forget to export the private key as well.
openssl pkcs12 -in key_and_cert.pfx -out key_andcert.pem -nodes
cheer
versed in SSL tech so thanks for all help.
- ALex
!
-Alex
d-high-availability-web-hosting-solution-part-one-the-front/
but I'd prefer to not do that because it just adds further complexity to the
setup (more ssh tunnels).
Thanks,
Alex
mark_as_abuser sc1_inc_gpc0 gt 0
tcp-request content reject if cookie_conn_rate_abuse mark_as_abuser
Many thanks,
Alex
On Thu, Nov 10, 2011 at 12:56 PM, Baptiste wrote:
> On Thu, Nov 10, 2011 at 12:48 PM, Alex Davies wrote:
> > Hi,
> > I am interested in rate limiting co
#x27; the request is blocked by (from the example post
there are 2)
* Is it possible to 'hash' on a specific cookie value (i'm thinking
PHPSESSID) as well as IP, i.e. if connections for any given PHPSESSID value
reaches x per minute block?
Many thanks,
Alex
--
Alex Davies
This emai
, Alex Davies wrote:
> Hi,
>
> I've recently moved from Apache to stunnel to provide SSL for haproxy.
>
> I have a need for the application behind haproxy to "know" if the
> connection has come in via HTTP or HTTPS. Previously, we have been injecting
> a custo
end if the source is LOCALHOST (which seems to me the neater
option)?
Cheers,
Alex
Hi Willy,
Thank you for your detailed explanation; you are entirely right and the
limit that was screwing me was the limit of fds/process which I have now
fixed.
Can you explain which parameter should be set to 2 to prevent malloc() fails
when there is no more memory left?
Many thanks,
Alex
to set the number of open files and sockets to as
close to infinite as possible - and allow them to use all the system
RAM.
Would anybody with more knowledge in this area be able to shed any light?
- Alex
Sorry, I was being silly - you are right. Thank you for confirming!
On Wed, Sep 14, 2011 at 8:14 AM, Willy Tarreau wrote:
> On Wed, Sep 14, 2011 at 07:20:33AM +0100, Alex Davies wrote:
> > Hi Willy, Cyril,
> >
> > Thank you for your detailed analysis. I still not
you shed any light? (the configuration
is the same as in my email - i.e. server timeout 2hrs).
I will investigate the 502 errors with more benchmarking directly against
the backends. Thank you for confirming that this is the source of the
problem.
Many thanks,
Alex
On Tue, Sep 13, 2011 at 11:41
nderstand why I get any at all in the first minute of a new process).
Cheers,
Alex
On Tue, Sep 13, 2011 at 1:46 PM, Cyril Bonté wrote:
> clitimeout
stand why I get any at all in the first minute of a new process).
Cheers,
Alex
On Tue, Sep 13, 2011 at 1:46 PM, Cyril Bonté wrote:
> clitimeout
I have a theory that the 504s are caused by the long-pooling application,
but I do not understand why in the case of the 502 haproxy is not retrying
the TCP connection before returning a 502 - I thought that the "option
redispatch" and "retries 10" would ensure another go.
If anyb
tup/
Once your site is being tracked, it will start appearing in our search results as soon as enough information is gathered, typically 24 hours.
Please let me know how it works out or if you need my help.
Thanks,
Alex Prikhodko
Lead Developer
expo-MAX Inc.
10520 Yonge St., Unit
Hi,
We're looking to upgrade our HAProxy hardware soon. Does anyone have any
recommendations on the things we should be looking for? e.g. Are there any
NICs we should use/avoid?
Our site primarily serves lots of small objects.
Kind regards,
Alex
Just to provide an update to this issue, the problem was caused by
mis-configured conntrack. Temporary removal of this module solved the issue.
On 22 January 2010 14:46, Alex Forrow wrote:
> Hi Emmanuel,
>
> Thanks for pointing me to that documentation, does help explain why it is
>
experienced similar
issues.
I am using Apache from the CentOS 5 repository (Apache 2.2.3), mpm prefork
(StartServers: 200, MinSpareServers: 50, MaxSpareServers: 400, ServerLimit:
1024, MaxClients: 1024)
Alex
2010/1/20 Emmanuel Bailleul
> Hi Alex,
>
> The 'lingering close' Apa
che servers (though I have tried enabling
it on a single server for investigation purposes)
I have recently tried adding another Apache instance to the pool, and this
doesn't seem to help.
Any help or guidance would be greatly appreciated. Let me know if there is
any other information I can provide.
Regards,
Alex
to have HAProxy selectively log requests, either based on
an acl, or ideally, backend?
Cheers,
Alex
this.
If this is the problem, you can fix it using 'option httpclose' in you
HAProxy configuration, or by disabling keep-alives on your backend web
servers.
- Alex
Tom Potwin wrote:
Hi
I hope I'm doing this correctly. I just joined, and I haven't used a
mailing list i
think so too, going back to version 1.3.15.7, cpu peaks at 2% with
the same load (about 10-20 concurrent sessions) and config.
/Sune
I am getting this also, on Linux 2.6.18 (CentOS 5) x86_64. Reverted to
1.3.15.7 and problem disappears.
Using a basic config doing simple http balancing.
Alex
96 matches
Mail list logo