Hi Alexey,
On Tue, Nov 25, 2014 at 02:22:50PM +0800, Alexey Zilber wrote:
> Hi Willy and Lukas,
>
> Here's snippets of the new config:
A few points on your config below :
> -
>
> global
>
>maxconn 645000
keep in mind that under linux, you're limitd to 1
On 27 November 2014 at 10:39, Alexey Zilber wrote:
> That's part of what I'm trying to figure out.. where are the junk bytes
> coming from. Is it from the client, server, haproxy, or networking issue?
That's what tcpdump is useful for. Use it at different places in your
end-to-end client/backend
That's part of what I'm trying to figure out.. where are the junk bytes
coming from. Is it from the client, server, haproxy, or networking issue?
I'd rather not be passing any kind of crap to the backend, but the
changes I made have reduced the errors by around 500%. I'm guessing the
issue may
There are clearly a lot of junk bytes in those URI which are not allowed by
the HTTP specs. If you really want to be passing unencoded binary control
characters, spaces, and nulls to your backends in HTTP request and header
lines, then HTTP mode is probably not going to work for you.
TCP mode will
Hi Willy and Lukas,
Here's snippets of the new config:
-
global
maxconn 645000
maxpipes 645000
ulimit-n 645120
user haproxy
group haproxy
tune.bufsize 49152
spread-checks 10
daemon
quiet
On Sun, Nov 23, 2014 at 11:57:50PM +0800, Alexey Zilber wrote:
> Hi Willy,
>
> I already do "option dontlognull". These get logged anyway. We've
> actually seen a high amount of 400 errors happening. I'll post the configs
> in a day or two (the pre/post) configs. I've been able to knock down
Hi Willy,
I already do "option dontlognull". These get logged anyway. We've
actually seen a high amount of 400 errors happening. I'll post the configs
in a day or two (the pre/post) configs. I've been able to knock down the
400 and 502 errors to about 10%, with 400 errors being around .6% of
Hi guys,
On Sat, Nov 22, 2014 at 09:06:57PM +0100, Lukas Tribus wrote:
> > Hi Lukas,
> >
> > I had decoded the error message and it didn't make sense. There is no
> > connection limit reached, there are no filters. If you look at the
> > rest of the log line, there were no cookies. In
> Hi Lukas,
>
> I had decoded the error message and it didn't make sense. There is no
> connection limit reached, there are no filters. If you look at the
> rest of the log line, there were no cookies. In fact, the last part "a
> security check which detected and blocked a dangerous e
Hi Lukas,
I had decoded the error message and it didn't make sense. There is no
connection limit reached, there are no filters. If you look at the rest of
the log line, there were no cookies. In fact, the last part "a security
check which detected and blocked a dangerous error in server respon
Hi Alexey,
> All,
>
> I've tripled the default buffer size, doubled maxconn and added
> accept invalid http request from client and server. This got rid of a
> large number of the 400 ' s but not all. Any ideas what it could be?
> There's nothing else specific in the logs and haproxy-status is a
All,
I've tripled the default buffer size, doubled maxconn and added accept
invalid http request from client and server. This got rid of a large
number of the 400 ' s but not all. Any ideas what it could be? There's
nothing else specific in the logs and haproxy-status is all good.
-Alex
On
12 matches
Mail list logo