Hi,
I'm trying to put together a configuration to load balance a cluster of SMTP servers. As these servers run rbl checks on the incoming address, I need to configure haproxy as a transparent proxy using cttproxy.
I have patched a 2.6.17 kernel and iptables 1.3.5 and have them setup on a local machine. But I'm struggling to get cttproxy working with haproxy, and was wondering whether someone could point me in the right direction.
I have another machine with an MTA listening on 192.168.0.200, and the haproxy machine running on 192.168.1.10.
Here's the listen section from the config file:
listen smtp_proxy 192.168.1.10:25
mode tcp
balance roundrobin
server smtp1 192.168.0.200:25 source 192.168.1.10 usesrc clientip
I have a third machine running on 192.168.0.4 to run the tests. Running haproxy in debugging mode, I can see that the IP_TPROXY setsockopt request is successful, but the connection is not forwarded onto the MTA on 192.168.0.200 and eventually times out after a few tries.
At least the strace output leads me to believe it was successful:
> setsockopt(7, SOL_IP, 0x2c0a /* IP_??? */, "\1\0\0\0\300\250\0\4\0\0\0\0", 12) = 0
> setsockopt(7, SOL_IP, 0x2c0a /* IP_??? */, "\4\0\0\0\1\0\1\0z\352\5\10", 12) = 0
Can anyone see anything obviously wrong with the configuration?
Any help would be greatly appreciated.
Great piece of software, by the way :-)
Thanks,
Tim
Received on 2007/10/17 17:30
This archive was generated by hypermail 2.2.0 : 2007/11/04 19:21 CET