Happroxy and TCP SYN flood attacks

Respected Sir, I am Pooja from University of Hyerabad. Currently I am working on networking project for which I am using HAProxy as a load balancer. I have one doubt and that is: *Does HAProxy by default protect itself from DOS or TCP SYN flood attack? If not then how can protect it from these

Re: Force Sticky session on HaProxy

I've used something like this before: stick store-response res.cook(JSESSIONID) stick match req.cook(JSESSIONID) "stick on" does this I think: stick match req.cook(JSESSIONID) stick store-request req.cook(JSESSIONID) As the client doesn't have the cookie at the beginning of the connection it

Re: Force Sticky session on HaProxy

I've used peers for this situation personally. Sent from Nine From: Aaron West Sent: Oct 18, 2017 5:33 AM To: Devendra Joshi Cc: HAProxy Subject: Re: Force Sticky session on HaProxy I've used something like this

Re: Possible bug in task_wakeup() impacts Lua tasks

On 10/17/2017 07:05 PM, Emeric Brun wrote: > Hi Adis, > > This patch should fix the issue more consistently. > > Could you confirm? It seems to work fine here, for the trivial test task and other stuff I work with. Thanks! Best regards, Adis

What is the max size can be sent once?

Hi, all We are trying to tuning tune.bufsize which has a default 16K, can anyone tell me how many bytes can be sent once? Is it 16K exactly? or like 90%? Where in the source code can I find this kind of info? Thank you

Re: [PATCH] Allow OCSP repsonses containing multiple single responses

Felt bad about not including a documentation patch, so here it is. Changes: - Clarifies that HAProxy does not fetch OCSP responses. Apache just has a couple of set-and-forget directives that handle everything for you, so this was definitely non-obvious to me. - Removes mention of needing to

Re: Happroxy and TCP SYN flood attacks

On 18/10/2017 01:06 μμ, Pooja Patel wrote: > Respected Sir, > > I am Pooja from University of Hyerabad. Currently I am working on networking > project for which I am > using HAProxy as a load balancer. I have one doubt and that is: > > *Does HAProxy by default protect itself from DOS or TCP SYN

Re: Force Sticky session on HaProxy

Hi Daniel , Following is the case. [image: Inline images 1] My Query is : 1: When users are serving the webpages,and my *Apache1 *get down, HaProxy shifted the traffic to *Apache2*. But i don't want to shift this traffic to *Apache2 *when my *Apache1 *is down, cause my application is session

Re: Force Sticky session on HaProxy

Hi, maybe I am missing something, but isn’t this what http://cbonte.github.io/haproxy-dconv/1.6/configuration.html#4.2-cookie is supposed to do for you? We are using this (in prefix mode) to make sure the same

[PATCH] Reset a few more counters on "clear counters"

Hi, A few counters (namely, MaxSslRate, SslFrontendMaxKeyRate, and SslBackendMaxKeyRate) are not cleared as I think they should, when clear counters is used. The attached patch addresses that. Regards, Olivier >From d90baef4715024e50d9596bd1410b8ea03ae1ed9 Mon Sep 17 00:00:00 2001 From:

Re: Force Sticky session on HaProxy

https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#option redispatch On 18 Oct 2017 11:28 pm, "Devendra Joshi" wrote: Hi Daniel , Following is the case. [image: Inline images 1] My Query is : 1: When users are serving the webpages,and my *Apache1

Re: [PATCH] Reset a few more counters on "clear counters"

Hi Lukas, On Wed, Oct 18, 2017 at 07:06:19PM +0200, Lukas Tribus wrote: > Can we backport this one? There is at least one report for this in 1.7. yep, I retagged it BUG/MINOR as for me it definitely fixes a bug, thus it will land in 1.7 next time we backport some patches there. Thanks for the

Re: [PATCH] Reset a few more counters on "clear counters"

On Wed, Oct 18, 2017 at 07:06:19PM +0200, Lukas Tribus wrote: > Hello! > > > 2017-10-18 18:36 GMT+02:00 Willy Tarreau : > > > On Wed, Oct 18, 2017 at 04:29:19PM +0200, Olivier Houchard wrote: > > > A few counters (namely, MaxSslRate, SslFrontendMaxKeyRate, and > > >

Re: Possible bug in task_wakeup() impacts Lua tasks

On Wed, Oct 18, 2017 at 09:49:55AM +0200, Adis Nezirovic wrote: > On 10/17/2017 07:05 PM, Emeric Brun wrote: > > Hi Adis, > > > > This patch should fix the issue more consistently. > > > > Could you confirm? > > It seems to work fine here, for the trivial test task and other stuff I > work

Re: patch: allow to use any compiler

On Mon, Oct 09, 2017 at 10:27:19AM +0500, ??? wrote: > 2017-10-09 10:10 GMT+05:00 Vincent Bernat : > > > ? 9 octobre 2017 08:49 +0500, ??? : > > > > >> > any particular reason for mixing "CC=gcc" with "CC?=gcc" ? > > >> > > >> I don't

Issue with sdbm hash-type

We are seeing an issue where using SDBM hash-type that the last server in the pool is getting 100% of the traffic and the first server in the pool gets 0. We also tried adding a 3rd server and the last server still got all the traffic. All weights were 1. A config sample: backend VIP

Re: [PATCH] Reset a few more counters on "clear counters"

Hello! 2017-10-18 18:36 GMT+02:00 Willy Tarreau : > On Wed, Oct 18, 2017 at 04:29:19PM +0200, Olivier Houchard wrote: > > A few counters (namely, MaxSslRate, SslFrontendMaxKeyRate, and > > SslBackendMaxKeyRate) are not cleared as I think they should, when clear > > counters is

Re: [PATCH] Reset a few more counters on "clear counters"

On Wed, Oct 18, 2017 at 04:29:19PM +0200, Olivier Houchard wrote: > A few counters (namely, MaxSslRate, SslFrontendMaxKeyRate, and > SslBackendMaxKeyRate) are not cleared as I think they should, when clear > counters is used. > The attached patch addresses that. Applied, thanks! Willy

[SPAM] Do you want to know what is happening in the entrepreneurship world? BGI will tell you!

Your Newsletter for Updates on the Entrepreneurial Community and great opportunities from the BGI Network! Building Global Innovators Announces the 6 winner Startups for the Smart Energy Challenge Building Global Innovators has completed the selection process culminating to six disruptive

[PATCH] Allow OCSP repsonses containing multiple single responses

Obligatory "I am not a C programmer" and "my first upstream patch" messages. We had an issue where one of our server certificate issuers was sending us responses with 20 different single responses included. The serial numbers in the Certificate IDs were exactly sequential, so I'm guessing they're

Question about https rewrite

Hi, I did spend a lot (I really mean a lot) trying to make work Odoo webslide behind Haproxy but I still end put an nginx cause that module is sending javascript that call stuff in http instead of https. In the nginx world I have to had that to my server section and all the rewrite is done

Force Sticky session on HaProxy

Hi, Is anybody configured Force Sticky session in Haproxy (with JSESSIONID). I am using following things Centos 6.4 Apache 2.2 Jboss 4.0 ModJK and HaProxy 1.6.12 also check following setting in ModJK config but not succeed. cookie serverid insert indirect nocache stick-table type string len 36

Say Bye to Adwords – Grow with Our Organic Listing Plan

Dear haproxy.com Team, Hope all well at your end! After a thorough check of your website, it came into notice that you trying to captivate more customers and dealing to developing your standpoint both internationally and locally. You run a sponsor listing on Google to build your image