Hey,
Using stunnel and haproxy, both with the proxy protocol may help when
you want to add the X-SRC-IP header for a SSL connection.
cheers
Could you at least provide your config?
cheers
On Mon, Jun 4, 2012 at 10:13 PM, Cord MacLeod cordmacl...@gmail.com wrote:
Just got around to attempting this, it appears not to work with SSL. Is
there any other option (stunnel breaks a lot and doesn't support 1 off
connections)?
*
Oh hey guys,
I do the same thing and use the stunnel proxy protocol. You just add protocol =
proxy to stunnel and use bind :81 accept-proxy for haproxy and it seems to take
care of the rest. I do have to add some extra headers using addreq to identify
port and protocol but that's just
Dear Reader,
I invite you to attend GOAL’s upcoming webinar on
Topic: Privacy Implications in Global Legal Outsourcing Industry:
Ethical and Regulatory Compliances
Speakers:
- Daniel H. Vaswani, Chief Counsel, Kagu9, Inc., USA
- James E. King, Attorney, King Law Corporation, USA
- Dhiraj
On Mon, Jun 04, 2012 at 01:13:31PM -0700, Cord MacLeod wrote:
Just got around to attempting this, it appears not to work with SSL. Is
there any other option (stunnel breaks a lot and doesn't support 1 off
connections)?
* Reloading haproxy haproxy
Hey guys,
Thank you for all your input, I ended up going with the xforwardedfor.
--Karl.
Karl Kloppenborg
Programming Ninja
Crucial Paradigm Pty Ltd
Suite 1 Level 3 104-106 Commonwealth St
Surry Hills NSW 2010
Australia
1300 884 839 – Sales Support (AU Only)
Hi guys
Originally we had haproxy in front and connecting to backend server
haproxy - backend server
and applications and backend server see the real client ip fine without any
issues
But we decided to try adding Varnish cache in between
haproxy - varnish - backend server
Problem now
Is haproxy adding X-Forwarded-For to the request it sends varnish? If
so, just don't have varnish manipulate X-Forwarded-For and your app will
use the header added by HAProxy.
David
On 6/5/12 9:04 PM, hapr...@serverphorums.com wrote:
Hi guys
Originally we had haproxy in front and connecting
Is there a way to set the maxqueu for an entire backend? I set maxqueu
on default-server to 1, and on the frontend ACL required that
connslots be greater than 1. I expected connslots to be maxconn * num
server + 1 * num servers (connections + queue slots).
I found that the backend still queued
why not put varnish in front of haproxy like this:
haproxy listen on ip public 1 and localhost
varnish listen on ip public 2 and forward to localhost
so cached traffic is immediately served by varnish without hitting haproxy.
and when you don t need to cache the traffic you use ip public 1
Hey all,
Is anyone aware of latency issues with 1.5dev7?
I have checked that syncookies is enabled and syn_backlog = 1. My
maxconn is also set to 1.
This is Ubuntu Lucid installed from
https://launchpad.net/~mojocode/+archive/ppa/+build/2947499
My ulimit is something like 2.
Hi David,
On Tue, Jun 05, 2012 at 06:17:15PM -0700, David Birdsong wrote:
Is there a way to set the maxqueu for an entire backend?
No. When I developped the server maxqueue, I remember having done the same
for the backend (it even ended up in the doc, causing later confusion), but
I removed it
Hi Chris,
On Tue, Jun 05, 2012 at 09:54:17PM -0500, Chris LeBlanc wrote:
Hey all,
Is anyone aware of latency issues with 1.5dev7?
Not particularly, how/when do you observe them ? On session
establishment, to haproxy, to backend servers, during data
transfers ? What's the order of magnitude ?
On Wed, Jun 6, 2012 at 3:50 AM, David Coulson da...@davidcoulson.net wrote:
you might also want to look at having varnish prepend the haproxy IP to the
X-Forwarded-For line, rather than just pass it along - Most proxies seem to
comma delimit a list of IPs of all the devices the request has
14 matches
Mail list logo
