http-check send-state / no header

hi, i set the send-state, but the backends didnt receive the header. I cant find the error. listen XX80 99.12.24.5:80 modehttp source 192.168.1.155:0 balance roundrobin timeout server 4000 timeout client 4000 timeout connect 8000

optimize fast reaction in case of error

Hello, we provide one application ( apache+tomcat ) which should have very short response times. If a backend dies, the HAproxy should mark this backend DOWN as soon as possible. If all backends getting down, HAProxy should mark Frontend DOWN asap and reply with an errorcode asap. What

Re: External script

Hi, you can use keepalived to install a active/passive loadbalancer. Look at this howto. http://www.howtoforge.com/haproxy_loadbalancer_debian_etch_p2 regards Bernhard Am 10.04.2010 11:39, schrieb Gullin, Daniel: Hi, I´m wondering if it´s possible to let HAProxy /execute/ a external script

Re: XML Output interrupt / P-FLAG

2010 16:07:55 +0100 Von: Willy Tarreau w...@1wt.eu Antwort an: Willy Tarreau w...@1wt.eu Betreff: Re: XML Output interrupt / P-FLAG An: Bernhard Krieger b...@noremorze.at Cc: haproxy@formilux.org Hi Bernhard, thanks very much for your traces. They made it easier for me

Dos-Attack / Drop Connections

Hi, Since few days i am DOS-attacked on a hosted website on my server. I set i rule which returns a redirect to 127.0.0.1 acl aclHPOK hdr_reg(User-Agent) .* redirect location http://127.0.0.1/ if !aclHPOK Its possible to set a rule to drop this requests instead of redirecting or return an

Re: Dos-Attack / Drop Connections

Antwort an: Willy Tarreau w...@1wt.eu Betreff: Re: Dos-Attack / Drop Connections An: Bernhard Krieger b...@noremorze.at Cc: haproxy@formilux.org On Tue, Mar 16, 2010 at 09:12:39AM +0100, Bernhard Krieger wrote: Hi, Since few days i am DOS-attacked on a hosted website on my

Re: Dos-Attack / Drop Connections

-Attack / Drop Connections An: Bernhard Krieger b...@noremorze.at Cc: haproxy@formilux.org On Tue, Mar 16, 2010 at 10:32:40AM +0100, Bernhard Krieger wrote: Hello Willi, thanks for reply. If i change the rule to block the requests, the Session rate grow up to 1000/secs. If i use

XML Output interrupt / P-FLAG

Hello, After upgrading to 1.4.1 we getting failures on our XML-interface. Below the haproxy log entry of the request. P-FLAG: The P indicates that the session was prematurely aborted by the proxy, because of a connection limit enforcement, because a DENY filter was matched,because of a

Re: How reload haproxy config without killing process ?

Hi, http://haproxy.1wt.eu/download/1.3/doc/architecture.txt See 4.3 Hot reconfiguration bye Bernhard - Nachricht von eject.in...@gmail.com - Datum: Wed, 27 Jan 2010 17:23:11 +0200 Von: Evgeniy Sudyr eject.in...@gmail.com Antwort an: Evgeniy Sudyr

ACL / hdr_dom / matching issue

Hello, we set up an acl like below. I got some trouble due to routing to wrong backend. Requests to publisher.et.domain.com are not forwarded to the Herodot Backend. Instead it was forwarded to ET backend. The problem was that the Domainname publisher.et.domain.com was matched in the acl

Re: stunnel to provide https

Is there a way to manage several certificates with this configuration? Hmm... multiple Stunnel-Instances?!?! However, I have a problem with this configuration. When I connect to https://mysite, it shows the certificate I put on stunnel but it redirects my https to http and everything

Re: haproxy + stunnel + ssl cert question

If you have already installed the certs you can increase the logging level for troubleshooting... ; Some debugging stuff useful for troubleshooting debug = 3 output = /var/log/stunnel.log bye Bernhard - Nachricht von massimo.introvi...@gmail.com - Datum: Mon, 31 Aug 2009

Amount of ACLs per Backend

Hello, we are using haproxy for 1 months and it works very well :) First we set up a main configuration for testing. We use a apache and tomcat connected through mod_jk. Now i want to split the requests into three backends. The acls contain the following syntax: acl VHOSTS1