On-marked-down shutdown-sessions not working
Hello, I’m using HAproxy to balance connections to a PostgreSQL+repmgr master/slave configuration. I use an external-check command to verify which postgres server is the master via an SQL query. In...
View ArticleHAProxy 2.0.14 crashing very often with exit code 134
Hi, we are running haproxy 2.0.14 on our dev environment and it is crashing after sometime with code 134. [ALERT] 101/035225 (1) : Current worker #1 (51) exited with code 134 (Aborted) [ALERT]...
View ArticleHTTP to HTTPS endpoint behind Squid using client certificate authentication...
Is it possible to bind on HTTP while connecting to an HTTPS endpoint behind a Squid forwarding proxy using Client Certificate Authentication, while using Layer 7 proxy mode? We have this already...
View ArticleClik here to view.
HAProxy with SQL2019 AlwaysOn
Hello, I tried to make a config with MS SQL 2019 Always On. I have 2 SQL nodes in my cluster Always On, and I Have multiples Always On groups. IP xx.xx.xx.248 is for one listener in one of my Always...
View ArticleHAProxy and DS Photo
Hello, I’m having issues using HAProxy with my Synology’s DS Photo App. I’ve got the following in my confg: global daemon maxconn 256 log 192.170.10.13:514 local0 defaults mode http timeout connect...
View ArticleHow to Remove and Append Path for root context Based Deployment
HI Team, WIll appreciate your quick help to get the recommended approach for achieve this. abc.com/product1 —> remove product1 from frountend ( or backend) and fwd request to backend where...
View ArticleHaproxy Runtime API returns empty result
Hi, I’ve configured HaProxy using the below config: global maxconn 15000 # Maximum concurrent connections nbproc 1 pidfile /var/run/haproxy.pid log /dev/log local0 info user root group root...
View ArticleSet scheme to http and dynamic authority on health check
I need to send a HTTP2 GET request where the HEADER :scheme: is set to http (not https) and HEADER :authority: is the IP address of each server on the server line How can I change the code below to...
View ArticleClik here to view.
Match traffic based on path using a wildcard
Hello, I have a server with a bunch of services that I am currently reverse proxying. service_a: Default backend that serves an HTML landingpage. subdir.mydomain.net service_b: Has lots of paths that...
View ArticleDynamic Backend server IP
Hello all. I’m new to HAProxy so still getting used to HA Proxy. With regards to backend configs, I have a scenario where I could have 1000’s backend server configs and wondered if there was a way to...
View ArticleActions on server reject
I’m trying to proxy for a server that has its own anti-bot protection built-in - if the protection is triggered, it closes the connection with RST,ACK (as far as I’m aware it always does that after...
View ArticleSource IP (forwardfor) on SSL Passthrough
So I currently have this frontend for incoming HTTPS traffic, which inspects the SNI and decides if it needs to perform decryption or not. listen haproxy-tcp-in mode tcp bind 192.168.1.2:443...
View Article#tune.http.logurilen not working
Hi All, When there is a get request with bigquery some of the portion of that query is not getting logged in haproxy logs. I have tried to use tune.http.logurilen in global section, increased it from...
View ArticleClik here to view.
Refining logging with syslog-ng
Hi, I would like to use different logfiles to store different detailed activity reports. For an example : a file dedicated to a specific backend, another one for failed requests (error 500), … We are...
View ArticleCan't get dynamic custom error pages to work (HAProxy 2.3.5 on RHEL 8
I am trying to implement a country based custom error page dependent of the status code like its shown here Serve Dynamic Custom Error Page - my implementation is based on the scenario where they use...
View ArticleUse other backend if timeout occured
Is it possible with HAproxy to change backend to secondary (backup) if primary don’t answer in certain time? I need all request sent do backend1, but if reply from backend1 won’t come in 500 ms then...
View ArticleStrange cipher issue
Hi , I am struggling with a cipher issue and would request your input. The haproxy is built with opensssl.I am trying to use “ssl-default-bind-ciphersuites” is global section. But haproxy compalns as...
View ArticleRedirecting different front end ports to dynamic (srv lookup) backends...
I need to add the 8448 port, I was thinking of adding this binding to the frontend https. But how do I redirect the 8448 port traffic to the backend _httpsfed._synapse.matrix.dev._tcp.local (and keep...
View ArticleSpecify intermediate cert seperately possible
I can remember some discussion quite a while ago about configuring certs and keys. Is it meanwhile possible to specify these and an intermediate cert separately? 2 posts - 1 participant Read full topic
View ArticleTransparent proxying and binding
So, here is my setup: Haproxy 1 Interface with IP 192.168.1.2 for incoming traffic Interface with IP 192.168.1.4 for outgoing traffic Haproxy 2 Interface with IP 192.168.1.3 for incoming traffic...
View Article