Re: stick-table ,show table, use field

Thanks Brian ! i have searched in management guides, but at "show table [ data. ] | [ key ]" :) BTW the doc says 2 things : 1] "their size in maximum possible number of entries, and the number of entries currently in use." it seems that's, in reality, the size of the table in bytes,

Minor HTTP patches

Hi Willy, Following my recent patches on HTTP/1.0 responses without content-length when compression filter is enabled, here is 2 small patches. The first one is a small code cleanup and the second one adds handy debug messages. Thanks, -- Christopher Faulet >From

[PATCH] BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers

Willy, I tagged this patch as a bug. But I don't found a way to hit it for now. It can be backported or not, as you wish. -- Christopher Faulet >From 4ffdfbed993eaeb6c777c148e1eb6a712bfc9e18 Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Wed, 29 Mar 2017

[PATCH] BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request

Willy, Another fix (with some cleanup in other paches). The first one (and probably the second one) can be backported. But I don't know if this is mandatory. It is really tricky to find conditions where it could be a problem. Thanks -- Christopher Faulet >From

Re: [Patches] TLS methods configuration reworked

Hi Emmanuel, On 03/30/2017 07:44 PM, Emmanuel Hocdet wrote: > The right patch series ... > >> Le 30 mars 2017 à 19:00, Emmanuel Hocdet a écrit : >> >> Hi Emeric, Willy >> >> Rework of patches serie to match default-server requirement and talk with >> Willy. >> It should be

Re: client connections being help open, despite option foceclose

Hi Patrick, Patrick Kaeding wrote: > I have one frontend, listening on port 443, and two backends, which send > traffic to either port 5050 or 5051. The haproxy stats screen is > showing many more frontend connections than backend (in one case, 113k > on the frontend, 97k on one backend, and 3k

Re: ssl & default_backend

El 30/03/17 a las 10:51:58, Antonio Trujillo Carmona escribió: I'm try to use haproxy for balancing Citrix. I prove with: acl aplicaciones req_ssl_sni -i aplicaciones.gra.sas.junta-andalucia.es acl citrixsf req_ssl_sni -i ssiiprovincial.hvn.sas.junta-andalucia.es use_backend CitrixSF-SSL

Re: configuration.txt questions

On Fri, Mar 31, Jarno Huuskonen wrote: > First I'm attaching a patch that corrects ]) order for urlp_val > and adds 'Example:' string to > src_clr_gpc0,src_inc_gpc0,sc2_clr_gpc0,sc2_inc_gpc0,ssl_c_sha1 > (I assume that Example: is what generates the example formatting in > html/dconv

Re: log-format & defaults section bug ?

Hello, Please find the patches in a better format. 0001-DOC-log-format-tcplog-httplog-update.patch Description: Binary data 0002-MINOR-config-parsing-add-warning-when-log-format-tcp.patch Description: Binary data Thank you Willy ;-) -- de Lafond Guillaume >>> Maybe we should emit a

Re: log-format & defaults section bug ?

Hello, Please find the patches in a better format. 0001-DOC-log-format-tcplog-httplog-update.patch Description: Binary data 0002-MINOR-config-parsing-add-warning-when-log-format-tcp.patch Description: Binary data Thank you Willy ;-) -- de Lafond Guillaume >>> Maybe we should emit a

Re: client connections being help open, despite option foceclose

Hello, Am 31.03.2017 um 19:59 schrieb Patrick Kaeding: Okay, thanks Holger! We were hitting the maxconn limit, which is what sparked this investigation. When we were at that limit, the discrepancy between frontend and backend was higher than when I could observe it above (we restarted

Re: ssl & default_backend

Hello Antonio, Am 31.03.2017 um 19:36 schrieb Antonio Trujillo Carmona: El 30/03/17 a las 10:51:58, Antonio Trujillo Carmona escribió: I'm try to use haproxy for balancing Citrix. I prove with: acl aplicaciones req_ssl_sni -i aplicaciones.gra.sas.junta-andalucia.es acl citrixsf req_ssl_sni

Re: client connections being help open, despite option foceclose

Okay, thanks Holger! We were hitting the maxconn limit, which is what sparked this investigation. When we were at that limit, the discrepancy between frontend and backend was higher than when I could observe it above (we restarted HAProxy to re-establish the connections and start anew). I also

Re: [Patches] TLS methods configuration reworked

Le 31 mars 2017 à 11:02, Emeric Brun a écrit :Hi Emmanuel,On 03/30/2017 07:44 PM, Emmanuel Hocdet wrote:The right patch series ...Le 30 mars 2017 à 19:00, Emmanuel Hocdet a écrit :Hi Emeric, WillyRework of patches serie to match default-server requirement and

Re: [PATCH] BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers

Le 31/03/2017 à 14:26, Willy Tarreau a écrit : On Fri, Mar 31, 2017 at 11:29:43AM +0200, Christopher Faulet wrote: Willy, I tagged this patch as a bug. But I don't found a way to hit it for now. It can be backported or not, as you wish. Thanks Christopher. I don't know either how to trigger

Re: 100% cpu usage with compression in haproxy.cfg

Hi guys, On Thu, Mar 30, 2017 at 12:12:44PM +0200, Cyril Bonté wrote: > From my first tests, it fixes the issue. > This morning, I had the issue on 3 connections. I've applied the patches on > this instance, let's wait 24h to see if it happens again. Now that the 24h observation period is

Re: 100% cpu usage with compression in haproxy.cfg

Hi, > De: "Willy Tarreau" > À: "Cyril Bonté" > Cc: "Christopher Faulet" , haproxy@formilux.org, > nos...@mrietzler.de > Envoyé: Vendredi 31 Mars 2017 14:44:41 > Objet: Re: 100% cpu usage with compression in haproxy.cfg > > Hi guys, > >

Re: 100% cpu usage with compression in haproxy.cfg

On Fri, Mar 31, 2017 at 02:47:36PM +0200, Cyril Bonté wrote: > Hi, > > > De: "Willy Tarreau" > > À: "Cyril Bonté" > > Cc: "Christopher Faulet" , haproxy@formilux.org, > > nos...@mrietzler.de > > Envoyé: Vendredi 31 Mars 2017 14:44:41 > >

Re: [PATCH] BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers

On Fri, Mar 31, 2017 at 02:45:15PM +0200, Christopher Faulet wrote: > > These situations cause trouble when not using the proper arithmetics. Either > > all the computations are made without wrapping, or all are made with > > wrapping. > > Any mix of the two causes issues. > > > > Yes, of

Re: [PATCH] BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request

On Fri, Mar 31, 2017 at 11:36:22AM +0200, Christopher Faulet wrote: > Willy, > > Another fix (with some cleanup in other paches). The first one (and probably > the second one) can be backported. But I don't know if this is mandatory. It > is really tricky to find conditions where it could be a

Re: configuration.txt questions

On Fri, Mar 31, 2017 at 02:59:37PM +0300, Jarno Huuskonen wrote: > On Fri, Mar 31, Jarno Huuskonen wrote: > > First I'm attaching a patch that corrects ]) order for urlp_val > > and adds 'Example:' string to > > src_clr_gpc0,src_inc_gpc0,sc2_clr_gpc0,sc2_inc_gpc0,ssl_c_sha1 > > (I assume that

Re: log-format & defaults section bug ?

On Fri, Mar 31, 2017 at 08:04:34PM +0200, de Lafond Guillaume wrote: > Hello, > > Please find the patches in a better format. Great, thank you Guillaume, both patches applied. Willy

Re: client connections being help open, despite option foceclose

Thanks Lukas, that makes sense. I will give this a shot and see what I can come up with. Thanks, Patrick On Fri, Mar 31, 2017 at 11:18 AM, Lukas Tribus wrote: > Hello, > > > Am 31.03.2017 um 19:59 schrieb Patrick Kaeding: > >> Okay, thanks Holger! We were hitting the maxconn

Re: OpenSSL engine and async support

Hi Emeric, Sorry for my delayed reply. On 03/28/2017 01:47 AM, Emeric Brun wrote: This is an atom C2518 and it seems that --disable-prf has cut the performance in half. We should receive a 8920 soon. Stopping the injection, the haproxy process continue to steal cpu doing nothing (top

Re: client connections being help open, despite option foceclose

Sorry, I forgot to mention that we are running HAProxy 1.7.3-1ppa1~xenial, released 2017/03/01, on Ubuntu 16.04, in EC2. On Fri, Mar 31, 2017 at 8:19 AM, Patrick Kaeding wrote: > Hi all > > I am trying to determine the cause of an issue where the number of > frontend

client connections being help open, despite option foceclose

Hi all I am trying to determine the cause of an issue where the number of frontend connections is much higher than the number of backend connections. I have one frontend, listening on port 443, and two backends, which send traffic to either port 5050 or 5051. The haproxy stats screen is showing