I’m trying to tie Polaris GSLB in to haproxy to geo-balance some TCP connections (OpenVPN). The problem I’m running into is that the frontend IP that I’m binding to still responds to the TCP connection request, even when all of the backend servers are down. I tried searching for a solution, but haven’t had much luck. From what I can tell, Polaris has the ability to send a string as part of the payload in the connection check, but I haven’t seen any way to respond to that payload based on the status of the backend. The best I’ve got so far is “tcp-request connection reject if { nbsrv(vpn) lt 1 }”, but as far as Polaris is concerned, the VIP is still up.

2 posts - 2 participants

Read full topic

I’m trying to setup a simple multi-layered haproxy setup to mimic a real-world issue with some devices with each proxy adding a proxy protocol header to the first packet as it goes through.

However, I’ve been quite unsuccessful trying to mimic that. The second proxy receives the packet with a proxy header but as it sends out its own header, it strips out the old header. Is there a way one can persist both the headers when the packet reaches the backend?

These are my config.

This is for proxy1. This receives the request from the client and proxies it to another proxy.

global
defaults
        timeout client          30s
        timeout server          30s
        timeout connect         30s

frontend MyFrontend
        bind                    0.0.0.0:80
        default_backend         TransparentBack_http

backend TransparentBack_http
        mode                    http
        server                  Proxy 172.18.0.3:80 check send-proxy

This is for proxy2. This handles the connection from proxy1 and sends it to the server.

global
defaults
        timeout client          30s
        timeout server          30s
        timeout connect         30s

frontend MyFrontend
        bind                    0.0.0.0:80
        default_backend         TransparentBack_http

backend TransparentBack_http
        mode                    http
        server                  WebServer 172.18.0.2:80 check send-proxy-v2

1 post - 1 participant

Read full topic

I’m trying to use a static site (S3 + Cloudfront) as a backend in my HAProxy configuration. The static service is configured to redirect HTTP requests to HTTPS. So —

# Gives a #301
curl <site>.cloudfrount.net

and

# Gives a 200
curl https://<site>.cloudfront.net

However, if I enter this as a backend in HAProxy —

backend my_server
    http-response set-header Strict-Transport-Security max-age=31536000
    server my_server <id>.cloudfront.net ssl verify none

I get a bunch of IP address of my_server changed from to logs continuously, and whenever I hit a route which evaluates to use the cloudfront backend, I receive a messageFailed to connect() no free ports`

I suspect this is because HAProxy is falling into a redirect loop. Is this because HAProxy is not making a https call to the server? How can I ensure it does?

7 posts - 2 participants

Read full topic

Hello,

I have a single server with one Public IP and 10 domains. For each domain I’d like to have a separate docker container as an email server (Postfix + Dovecot). I’d like to achieve this with transparent TCP proxy with SNI support.

I’d like to route traffic from example.com on ports 587 & 143 to one container and traffic for acme.com on ports 587 & 143 to a different container, etc.

Can I achieve this by using host:port? Does anyone know of an example?

I found some information on http://www.haproxy.org/download/1.6/doc/configuration.txt about this, but not enough to achieve my desired setup.

Thank you.

4 posts - 2 participants

Read full topic

I installed Proxmox and I want to make the 2nd scheme in the picture.

For this, I installed HAproxy (1.7.8) on Proxmox (5.4) and edited the HAproxy’s config file. I get a 503 error when I try to access it with domains. What could be the reason for this?

If the second scheme is not possible, can I at least make the first scheme?

W1.fw1200×440 16.1 KB

1 post - 1 participant

Read full topic

We are using HaProxy as a reverse proxy, SSL certifications are installed in the Load Balancer (SSL offloading). In the backend we have some websites using shopware and typo3 .

We have enabled HTTP2 in HAproxy in order to improve the performance of our websites.

The website using (typo3) crashed after few hours, the load average in the webserver increased to high level: 25-30 with many HTTPD process !! I got some error from log file (too many connections to the DB…).

I’ve added some resources to the webserver (20 GB of RAM, 8 CPU ), the server resist but it finally crashed.

Other websites using shopware works fine…

I’m not sure if this is related to our architecture (SSL offloading) or there is something to be changed in the backend (Apache or typo3).

OS:Centos7
HA-Proxy version 1.8.14-52e4d43
Webserrver apache

Thank you.

1 post - 1 participant

Read full topic

The bootstrap v3.3.5 use on the error-page-503.http. Do you think update this to latest bootstrap version>?

haproxy/conf/error-page-503.http

1 post - 1 participant

Read full topic

Every time my stats page refreshed, my browser signs me out. I’m not really sure why that is happening. I remember very clearly that it didn’t use to happen like that earlier. Below is a snippet from my configuration with some sensitive information chalked out:

Annotation 2020-07-22 2249221195×818 123 KB

Would appreciate your help in this regard.

Much thanks,

1 post - 1 participant

Read full topic

I created a BASH Script to automate the Build Process for HAProxy on CentOS 7. It is here: https://github.com/ronnie-lazarus/Shell-Scripts/tree/master/HAProxy%20Build%20(with%20LUA)%20over%20CentOS%207

I’ve been using this for all my server installs. However, the question I always had in my mind was how to upgrade if I ever needed it. Do I just compile the new binaries and replaces the sbin directory? What would be the specifics? Any help is much appreciated.

Thanks,

1 post - 1 participant

Read full topic

Hello,
I have the following topology:
4 postgresql servers running on 2 different datacenters, 2 on each site.
The production site needs to be read write and the DR site only read.
Patroni is replicating postgresql databases between all nodes and is working well.

The main goal is to accomplish HAproxy to listen on the same port for read and write.

On the statistics report, I see that HAproxy is showing the correct Master node and the correct replica node. i tested failover between the nodes and HAproxy recognized the failover.

The issue here is that HAproxy is not sending the write request to the master. it looks like it’s doing round robin or even sending the requests randomly between the master backend and the replica backend.

Hope somebody can help.
Thanks,
Amit

This is my configuration on the production site:

global
log 127.0.0.1:514 local0
maxconn 500

defaults
log global
mode tcp
retries 2
timeout client 30m
timeout connect 4s
timeout server 30m
timeout check 5s

listen stats
mode http
bind *:7000
stats enable
stats uri /

frontend master_postgresql
bind *:5000
acl is_write method POST UPDATE DELETE
use_backend backend_master if is_write
default_backend backend_master

frontend replicas_postgresql
bind *:5000
acl is_read method GET
use_backend backend_replicas if is_read
default_backend backend_replicas

backend backend_master
option httpchk OPTIONS /master
server pg01 pg01:5432 check port 8008
server pg02 pg02:5432 check port 8008

backend backend_replicas
option httpchk OPTIONS /replica
server pg01 pg01:5432 check port 8008
server pg02 pg02:5432 check port 8008

1 post - 1 participant

Read full topic

Hi,
I have 2 HAProxy nodes installed with 2 different versions. 1.5 and 2.2.
It looks like the default check in 1.5 is L7STS vs L7RSP in version 2.2.
Because of that difference, only the 1.5 version shows health nodes.

Is it possible to force L7STS on version 2.2?

My configuration:
global
log 127.0.0.1:514 local0
maxconn 500

defaults
log global
mode tcp
retries 2
timeout client 30m
timeout connect 4s
timeout server 30m
timeout check 5s

listen stats
mode http
bind *:7000
stats enable
stats uri /

frontend master_postgresql
bind *:5000
acl is_write method POST UPDATE DELETE
use_backend backend_master if is_write
default_backend backend_master

frontend replicas_postgresql
bind *:5000
acl is_read method GET
use_backend backend_replicas if is_read
default_backend backend_replicas

backend backend_master
option httpchk OPTIONS /master
server pg01 pg01:5432 check port 8008
server pg02 pg02:5432 check port 8008

backend backend_replicas
option httpchk OPTIONS /replica
server pg01 pg01:5432 check port 8008
server pg02 pg02:5432 check port 8008

1 post - 1 participant

Read full topic

Hello

I have this setup

1. HAProxy Server
2. Two Nginx web servers

I need to redirect user according to the URLs
But the URLs is variable not static URLs (domainname/variablename)
I used (balance url_param id) but it isn’t work

This is my haproxy configuration

frontend haproxynode
bind *:80
bind *:443 ssl crt /etc/haproxy/certs/domainname.pem
http-request redirect scheme https unless { ssl_fc }
mode http
default_backend backendnodes

backend backendnodes
mode http
balance url_param id
option httpchk
hash-type consistent
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
option httpchk HEAD / HTTP/1.1\r\nHost:localhost
server node1 x.x.x.x:4444 check ssl verify none
server node2 x.x.x.x:4444 check ssl verify none

Kindly i need your support

Thanks

1 post - 1 participant

Read full topic

Hello,
The scenario seems pretty simple, but I am having a very difficult time implementing. Briefly:
WAN -> pfSense(haproxy) -1> x.x.x.249 example1.com -> x.x.x.246 example2.com

I have certs on both servers using certbot/letsencrypt. Currently, both sites are returning error 500.
I’m really not sure how to troubleshoot/where to go from here as I’ve been feverishly searching for about two days now to get this to work.

• pfsense v 2.4.5-RELEASE-p1
  – haproxy v 1.8.25

• Relevant configs:

  Automaticaly generated, dont edit manually.
  Generated on: 2020-07-23 22:17
  global
   maxconn			10000
   stats socket /tmp/haproxy.socket level admin  expose-fd listeners
   uid			80
   gid			80
   nbproc			1
   nbthread			1
   hard-stop-after		15m
   chroot				/tmp/haproxy_chroot
   daemon
   tune.ssl.default-dh-param	2048
   server-state-file /tmp/haproxy_server_state
   ssl-server-verify none
  
  listen HAProxyLocalStats
   bind 127.0.0.1:2200 name localstats
   mode http
   stats enable
   stats admin if TRUE
   stats show-legends
   stats uri /haproxy/haproxy_stats.php?haproxystats=1
   timeout client 5000
   timeout connect 5000
   timeout server 5000
  
  frontend SplitFinleyCorbett
   bind			<snip>:443 name <snip>:443   ssl crt-list /var/etc/haprox /SplitFinleyCorbett.crt_list  
   mode			http
   log			global
   option			http-keep-alive
   timeout client		30000
   acl			TimFinley	var(txn.txnhost) -m str -i example1.com
   acl			CorbettCloud	var(txn.txnhost) -m str -i example2.com
   http-request set-var(txn.txnhost) hdr(host)
   use_backend DebianServer_ipvANY  if  TimFinley aclcrt_SplitFinleyCorbett
   use_backend CorbettCloud_ipvANY  if  CorbettCloud aclcrt_SplitFinleyCorbett
  
  backend DebianServer_ipvANY
   mode			http
   id			100
   log			global
   timeout connect		30000
   timeout server		30000
   retries			3
   option			httpchk OPTIONS / 
   server			DebianServer 192.168.1.249:443 id 101 check inter 1000  ssl verify none 
  
  backend CorbettCloud_ipvANY
   mode			http
   id			102
   log			global
   timeout connect		30000
   timeout server		30000
   retries			3
   option			httpchk OPTIONS / 
   server			CorbettCloud 192.168.1.246:443 id 103 check inter 1000  ssl verify none
  

• stats show:

pxname,svname,qcur,qmax,scur,smax,slim,stot,bin,bout,dreq,dresp,ereq,econ,eresp,wretr,wredis,status,weight,act,bck,chkfail,chkdown,lastchg,downtime,qlimit,pid,iid,sid,throttle,lbtot,tracked,type,rate,rate_lim,rate_max,check_status,check_code,check_duration,hrsp_1xx,hrsp_2xx,hrsp_3xx,hrsp_4xx,hrsp_5xx,hrsp_other,hanafail,req_rate,req_rate_max,req_tot,cli_abrt,srv_abrt,comp_in,comp_out,comp_byp,comp_rsp,lastsess,last_chk,last_agt,qtime,ctime,rtime,ttime,agent_status,agent_code,agent_duration,check_desc,agent_desc,check_rise,check_fall,check_health,agent_rise,agent_fall,agent_health,addr,cookie,mode,algo,conn_rate,conn_rate_max,conn_tot,intercepted,dcon,dses,
HAProxyLocalStats,FRONTEND,1,1,2000,2,135,24816,0,0,0,OPEN,1,2,0,0,1,0,1,0,1,0,0,0,0,1,1,2,0,0,0,0,http,1,1,2,2,0,0,
HAProxyLocalStats,BACKEND,0,0,0,0,200,0,135,24816,0,0,0,0,0,0,UP,0,0,0,0,221,1,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,http,roundrobin,
SplitFinleyCorbett,FRONTEND,0,0,2000,0,0,0,0,0,0,OPEN,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,http,0,0,0,0,0,0,
DebianServer_ipvANY,DebianServer,0,0,0,0,0,0,0,0,0,0,0,0,UP,1,1,0,0,0,221,0,1,100,101,0,2,0,0,L7OK,200,1,0,0,0,0,0,0,0,0,-1,OK,0,0,0,0,Layer7 check passed,2,3,4,192.168.1.249:443,http,
DebianServer_ipvANY,BACKEND,0,0,0,0,200,0,0,0,0,0,0,0,0,0,UP,1,1,0,0,221,0,1,100,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,-1,0,0,0,0,http,roundrobin,
CorbettCloud_ipvANY,CorbettCloud,0,0,0,0,0,0,0,0,0,0,0,0,DOWN,1,1,0,1,1,221,221,1,102,103,0,2,0,0,L7STS,500,9,0,0,0,0,0,0,0,0,-1,Internal Server Error,0,0,0,0,Layer7 wrong status,2,3,0,192.168.1.246:443,http,
CorbettCloud_ipvANY,BACKEND,0,0,0,0,200,0,0,0,0,0,0,0,0,0,DOWN,0,0,0,1,221,221,1,102,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,-1,0,0,0,0,http,roundrobin,

Server Information:
both servers are running debian 10 buster, apache 2.4
example2.com is a nextcloud installation.
example1.com hosts a handful of random websites and apps that will be split up if I can successfully get haproxy to work.

regardless, both apache sites-enabled configs look similar:

• 000-default.conf

  <VirtualHost *:80>
    ServerName example(x).com
    ServerAlias www.example(x).com
  
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
  
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
  
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =example(x).com [OR]
    RewriteCond %{SERVER_NAME} =www.example(x).com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
  </VirtualHost>
  

• 000-default-le-ssl.conf

   <IfModule mod_ssl.c>
     <VirtualHost *:443>
        ServerName example(x).com
        ServerAlias www.example(x).com
  
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
  
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
  
        SSLCertificateFile /etc/letsencrypt/live/example(x).com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/example(x).com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
    </VirtualHost>
  </IfModule>
  

Did I miss anything?

1 post - 1 participant

Read full topic

Hi! I tried to use avahi zeroconf local addresses in Haproxy backends and had success until I turned off the backend. Now if I try to restart Haproxy with the backend off I got an error stating it can not resolv the address which is certainly true due to it is off.

Here is the Haproxy:

frontend ssh_zeroconf
   bind :87
   mode tcp
   default_backend zeroconfssh

backend zeroconfssh
   mode tcp
   server bicha gise.local:22

Here is an extract of the log when I try to restart it:

Jul 23 23:56:04 ubuntu haproxy[32529]: [ALERT] 204/235554 (32529) : Failed to initialize server(s) addr.
Jul 23 23:56:14 ubuntu haproxy[32530]: [ALERT] 204/235604 (32530) : parsing [/etc/haproxy/haproxy.cfg:375] : 'server bicha' : could not resolve address 'gise.local'.
Jul 23 23:56:14 ubuntu haproxy[32530]: [ALERT] 204/235604 (32530) : Failed to initialize server(s) addr.
Jul 23 23:56:33 ubuntu haproxy[32534]: [ALERT] 204/235623 (32534) : parsing [/etc/haproxy/haproxy.cfg:375] : 'server bicha' : could not resolve address 'gise.local'.
Jul 23 23:56:33 ubuntu haproxy[32534]: [ALERT] 204/235623 (32534) : Failed to initialize server(s) addr.
Jul 23 23:56:43 ubuntu haproxy[32537]: [ALERT] 204/235633 (32537) : parsing [/etc/haproxy/haproxy.cfg:375] : 'server bicha' : could not resolve address 'gise.local'.
Jul 23 23:56:43 ubuntu haproxy[32537]: [ALERT] 204/235633 (32537) : Failed to initialize server(s) addr.

Isn’t there a way I can tell haproxy to start and not complain when it can not resolve a “*.local” zeroconf address?

Thanks in advance!
Hernán

1 post - 1 participant

Read full topic

Hello,

is it possible to compare two variables in haproxy without the need of a lua script ?

http-request set-var(req.cookieval) %[req.cook(myval)]
http-request set-var(req.checksum) hdr(My-Header),concat("secret"),sha2(256),hex

acl vars_equal %[var(req.cookieval)] eq %[var(req.checksum)]

Thanks in advance

1 post - 1 participant

Read full topic

I want to use HAProxy to redirect services based on domain name.

i.e.
host1.example.com --> service1
host2.example.com --> service2

How should I proceed?

1 post - 1 participant

Read full topic

Hi,

Is there a way of handling the HTTP CONNECT method for a http backend that needs to connect to an SSL server?

I’m trying to get HAProxy to act as a forward proxy and load balancer. This is because it’s already balancing internet traffic on each box as a sidecar through multiple squid servers. This all works fine.

But, we have some internal services that I’d like to balance with this same sidecar. Host matching is fine with the HTTP CONNECT method, but I can’t figure out how to try and support this within HAProxy when the end servers do not support the CONNECT method (They are nginx reverse proxies).

After this stage we’ll probably replace nginx with haproxy configuration too so all proxying on the box is through a single proxy engine.

I’ve tried quite a lot of the usual suspects. I was hoping that option http-tunnel might be of help along with munging the connect method to OPTIONS method, but the trouble is of course this results in a corrupted HTTP exchange.

Any hints? Or absolute “not possibles…”

1 post - 1 participant

Read full topic

Hello all,
I am new to this forum and am learning some new tricks.
Want to create a smart dns proxy to watch Indian tv shows/movies/sports etc in Australia.
Did some research and found that I can make a Smart DNS using HAproxy with Bind or Dnsmasq on a VPS (I have AWS and DO). But don’t know how to proceed, can somebody guide me with a detailed tutorial ?
Also we need to configure to use it with dynamic dns, as my ISP keeps changing my IP address frequently.
Thanks

5 posts - 2 participants

Read full topic

Hi All,

Im trying to set up haproxy as a forward proxy that adds a client certificate to authenticate against a backend.

This backend server does not present the correct CA list to haproxy, the client certificate comes from another CA. The backend is a PaaS and they do not have control over the CA’s presented.
On Apache HTTPD mod_proxy I solved this by setting my own list of CA’s using ‘SSLProxyMachineCertificateChainFile’ sort of faking the acceptable CA list.

How can I get haproxy to send the configured certificate to the backend? from the documentation I figured it would send the “default” or first configured certificate.
How can I set the log to a level where it shows me trying to send the client certificate or not? this is not visible now?

Any help would be apreciated!

Configuration:

listen c4-stedin-o
bind 0.0.0.0:8003
# Enable trace logging:
filter trace hexdump random-parsing random-forwarding
acl network_allowed src 127.0.0.1
acl correct_host hdr(host) -i host
http-request deny if !correct_host

    default-server ca-file /etc/ssl/cert.pem ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256
    default-server ssl sni req.hdr(host) check crt /usr/local/etc/config-secret/certificate.pem

    http-request set-header X-Forwarded-Proto https
    use-server c4_backend if { hdr(host) -i host }
    server c4_backend host:443

HAProxy log:

│ 2020-07-27T15:50:06.021536123Z 1595865006.021443 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064035 0x00000000] trace_attach : filter-type=frontend │
│ 2020-07-27T15:50:06.021569326Z 1595865006.021443 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064035 0x00000000] trace_stream_start │
│ 2020-07-27T15:50:06.021574327Z 1595865006.021443 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064035 0x00000000] trace_chn_start_analyze : channel=REQUEST - mode=HTTP (frontend) │
│ 2020-07-27T15:50:06.021578327Z 1595865006.021443 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064034 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (frontend) - analyzer=AN_REQ_WAIT_HTTP - step=PRE │
│ 2020-07-27T15:50:06.073696653Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064034 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (frontend) - analyzer=AN_REQ_WAIT_HTTP - step=PRE │
│ 2020-07-27T15:50:06.073813962Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064030 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (frontend) - analyzer=AN_REQ_WAIT_HTTP - step=POST │
│ 2020-07-27T15:50:06.073835464Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064030 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (frontend) - analyzer=AN_REQ_HTTP_PROCESS_FE - step=PRE │
│ 2020-07-27T15:50:06.073869667Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064020 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (frontend) - analyzer=AN_REQ_HTTP_PROCESS_FE - step=POST │
│ 2020-07-27T15:50:06.073878267Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064020 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (frontend) - analyzer=AN_REQ_SWITCHING_RULES - step=PRE │
│ 2020-07-27T15:50:06.073885268Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064000 0x00000000] trace_stream_set_backend : backend=c4-stedin-o │
│ 2020-07-27T15:50:06.073892268Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064c00 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (backend) - analyzer=AN_REQ_SWITCHING_RULES - step=POST │
│ 2020-07-27T15:50:06.073899669Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064c00 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (backend) - analyzer=AN_REQ_SRV_RULES - step=PRE │
│ 2020-07-27T15:50:06.07390697Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064800 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (backend) - analyzer=AN_REQ_SRV_RULES - step=POST │
│ 2020-07-27T15:50:06.07391387Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00064800 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (backend) - analyzer=AN_REQ_HTTP_INNER - step=PRE │
│ 2020-07-27T15:50:06.073923971Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x0004c000 0x00000000] trace_chn_analyze : channel=REQUEST - mode=HTTP (backend) - analyzer=AN_REQ_HTTP_INNER - step=POST │
│ 2020-07-27T15:50:06.073931372Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x0004c000 0x00000000] trace_http_headers : channel=REQUEST - mode=HTTP (backend) GET http://host/http/aansluitingsSync │
│ 2020-07-27T15:50:06.073938572Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x0004c000 0x00000000] host: host │
│ 2020-07-27T15:50:06.073944473Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x0004c000 0x00000000] user-agent: curl/7.64.1 │
│ 2020-07-27T15:50:06.073950573Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x0004c000 0x00000000] accept: / │
│ 2020-07-27T15:50:06.073956474Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x0004c000 0x00000000] proxy-connection: Keep-Alive │
│ 2020-07-27T15:50:06.073963474Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x0004c000 0x00000000] x-forwarded-proto: https │
│ 2020-07-27T15:50:06.073969675Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x00000000] trace_http_payload : channel=REQUEST - mode=HTTP (backend) - offset=250 - len=1 - forward=1 │
│ 2020-07-27T15:50:06.073976475Z 1595865006.073556 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x00000000] trace_http_end : channel=REQUEST - mode=HTTP (backend) │
│ 2020-07-27T15:50:06.113281562Z 1595865006.112851 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x33580000] trace_chn_start_analyze : channel=RESPONSE - mode=HTTP (backend) │
│ 2020-07-27T15:50:06.113442275Z 1595865006.112851 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x33400000] trace_chn_analyze : channel=RESPONSE - mode=HTTP (backend) - analyzer=AN_RES_WAIT_HTTP - step=PRE │ │
│ 2020-07-27T15:50:06.13729941Z 127.0.0.1:59956 [27/Jul/2020:15:50:06.073] c4-stedin-o c4-stedin-o/c4_backend 0/0/39/23/62 401 249 - - ---- 5/1/0/0/0 0/0 “GET http://host/http/aansluitingsSynchronisatieBericht HTTP/1.1” │
│ 2020-07-27T15:50:06.137246205Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x33400000] trace_chn_analyze : channel=RESPONSE - mode=HTTP (backend) - analyzer=AN_RES_WAIT_HTTP - step=PRE │
│ 2020-07-27T15:50:06.137321411Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x33000000] trace_chn_analyze : channel=RESPONSE - mode=HTTP (backend) - analyzer=AN_RES_WAIT_HTTP - step=POST │
│ 2020-07-27T15:50:06.137325412Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x33000000] trace_chn_analyze : channel=RESPONSE - mode=HTTP (backend) - analyzer=AN_RES_HTTP_PROCESS_FE/BE - step=PRE │
│ 2020-07-27T15:50:06.137329012Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] trace_chn_analyze : channel=RESPONSE - mode=HTTP (backend) - analyzer=AN_RES_HTTP_PROCESS_FE/BE - step=POST │
│ 2020-07-27T15:50:06.137332512Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] trace_http_headers : channel=RESPONSE - mode=HTTP (backend) HTTP/1.1 401 │
│ 2020-07-27T15:50:06.137335913Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] x-message-code: PWD_WRONG │
│ 2020-07-27T15:50:06.137339513Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] www-authenticate: Basic realm=“SAP HANA Cloud Platform” │
│ 2020-07-27T15:50:06.137342913Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] transfer-encoding: chunked │
│ 2020-07-27T15:50:06.137346113Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] date: Mon, 27 Jul 2020 15:50:06 GMT │
│ 2020-07-27T15:50:06.137349214Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] server: SAP │
│ 2020-07-27T15:50:06.137353314Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x26000000] strict-transport-security: max-age=31536000; includeSubDomains; preload │
│ 2020-07-27T15:50:06.137356514Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x24000000] trace_http_payload : channel=RESPONSE - mode=HTTP (backend) - offset=247 - len=2 - forward=2 │
│ 2020-07-27T15:50:06.137363615Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00048000 0x24000000] trace_http_end : channel=RESPONSE - mode=HTTP (backend) │
│ 2020-07-27T15:50:06.137369415Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00040000 0x20000000] trace_chn_end_analyze : channel=REQUEST - mode=HTTP (backend) │
│ 2020-07-27T15:50:06.137387117Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00040000 0x20000000] trace_chn_end_analyze : channel=RESPONSE - mode=HTTP (backend) │
│ 2020-07-27T15:50:06.137392617Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00000000 0x00000000] trace_stream_stop │
│ 2020-07-27T15:50:06.137397117Z 1595865006.135480 [TRACE/c4-stedin-o ] [strm 0x556ecc6ab2e0(34d) 0x00000000 0x00000000] trace_detach : filter-type=frontend

2 posts - 2 participants

Read full topic

Hi
What number of nbproc & cpu maps and processes should i use when have 8 vcore instance?
Tnx in advance

2 posts - 2 participants

Read full topic