Re: haproxy work on my local lan but not from the itnternet

From: Guillaume Bourque <Guillaume.Bourque#gmail.com>
Date: Wed, 12 Mar 2008 23:59:47 -0400


Hi Willy,

I found it ;-)

There ware a routing problem on my Firewall / NAT box. So answer ( tcp ack) from the dispatcher never when back to the client on the internet.

Now I will try to test the HA setup that if I loose de MASTER dispatcher I dont loose my open connections.

Any recommendation would be great on this.

Bye

Willy Tarreau a écrit :
> On Wed, Mar 12, 2008 at 05:36:22PM -0400, Guillaume Bourque wrote:
>
>> Sorry I forgot to mention I'm running kernel 2.6.22-14-virtual and no
>> rules in iptables.
>>
>
> Guillaume,
>
> Haproxy does not care if you come from the inside or outside network, since
> it's just a TCP proxy. However, since you're balancing on source IP address,
> I suspect that from the internal net, your hash goes to one server, and that
> from the internet address you used, you go to the other server and that it
> simply does not respond.
>
> Check the logs, check that the FW box correcly nats the outgoing traffic,
> and BTW, that the haproxy box has the correct default gateway to the net
> through the FW box.
>
> If nothing works, you can still produce a tcpdump trace on the haproxy box
> so that we can check at what moment the problem appears.
>
> Regards,
> Willy
>
>

-- 
Guillaume Bourque, B.Sc.,
consultant, infrastructures technologiques
Logisoft Technologies inc.
514 576-7638
http://www.logisoftech.com
Received on 2008/03/13 04:59

This archive was generated by hypermail 2.2.0 : 2008/03/13 05:00 CET