Hi Christophe,
On 03.11.2011 22:00, Christophe Rahier wrote:
Hello,
My config of HAProxy is:
-- CUT --
[snipp]
-- CUT --
The problem with SSL is that the IP address that I get to the web
server
is the IP address of the loadbalancer and not the original IP
address.
This is a big
Hi Aleks,
Thanks for your help, I received your answer yesterday but it was too late
for answering, I was too tired :-)
I'll check what you proposed.
Thanks once again,
Christophe
Le 04/11/11 09:41, « Aleksandar Lazic » al-hapr...@none.at a écrit :
Hi Christophe,
On 03.11.2011 22:00,
On Fri, 04 Nov 2011 09:41:00 +0100, Aleksandar Lazic wrote:
you must use
http://www.stunnel.org/static/stunnel.html
protocol = proxy
In this case, you need the latest stunnel (4.45).
Hello,
My config of HAProxy is:
-- CUT --
global
log 192.168.0.2 local0
log 127.0.0.1 local1 notice
maxconn 10240
defaults
logglobal
option dontlognull
retries2
timeout client 35s
timeout server 90s
timeout connect 5s
timeout http-keep-alive 10s
listen WebPlayer-Farm 192.168.0.2:80
Hi Christophe,
Use the HAProxy box in transparent mode: HAProxy will get connected to
your application server using the client IP.
In your backend, just add the line:
source 0.0.0.0 usesrc clientip
Bear in mind that in such configuration, the default gateway of your
server must be the HAProxy
On Thu, Jun 9, 2011 at 7:33 AM, habeeb rahman pk.h...@gmail.com wrote:
apache rewrite rule:
RewriteRule ^/(.*)$ http://127.0.0.1:2443%{REQUEST_URI} [P,QSA,L]
Why are you using a rewrite instead of mod_proxy?
ProxyPass does some nice things by default, like adding the
X-Forwarded-For header
James,
Thanks for your points. Rewrite rule was set up by some other guys and is
being used for some time now and works well with round robin.
Anyhow I will look at mod_proxy in detail. Not sure how SSL termination can
be done with it and moreover how haproxy gonna balance based on client IP.
Any
Habeeb,
given your Apache does actually insert/append an X-Forwarded-For header
you can use this statement instead of balance source in HAProxy:
balance hdr(X-Forwarded-For)
This has a few caveats you should be aware. Users can set the
X-Forwarded-Header themselves (which is done by some
8 matches
Mail list logo