Re: Connection Errors

From: Willy Tarreau <w#1wt.eu>
Date: Thu, 12 Feb 2009 00:02:46 +0100


Hi John,

On Mon, Feb 09, 2009 at 11:22:07AM -0500, John Lauro wrote:
> Hello,
>
>
>
> I am using version 1.3.15.7 with kernel 2.6.28.2 in TPROXY mode. (I think
> getting transparent proxy working took 3 times as long as simply getting
> Haproxy working).
>
>
>
> I am having problems with loopback type definition now.
>
>
>
> Under "defaults application TCP" I have: source ww.xx.yy.zz usesrc
> client
>
>
>
> Then, under various ports I have stuff like:
>
> listen slave-8522
>
> bind :8522
>
> maxconn 6000
>
> server ..
>
> server ..
>
> server anyport 127.0.0.1:8527 maxconn 500 backup
>
>
>
> and also:
>
> listen anyport
>
> bind :8527
>
> server .
>
>
>
> The problem is, anyport as a fallback doesn't work anymore. A work around
> appears to be to move the source line from defaults application TCP, and
> place it under all listen sections (except for anyport). I tried various
> values for source under "listen anyport" such as 0.0.0.0:0, and source
> ww.xx.yy.zz, but it didn't help. It appears, once usesrc is set as default,
> it can't be unspecified?

you mean you can't disable it by simply using "source 0.0.0.0" in a listen section ? Hmmm I think you're right, as I recall having two bits to store the source and usesrc options individually. So it's quite possible that "source" does not reset the "usesrc" bit. I'll have to check that, it sounds like a stupid bug. Also, "no source" could be nice here.

> I would prefer not to use the work around, as it makes the configuration
> file less generic, and prone more to error when transferring the
> configuration to a box with a different IP. (Several lines to changes
> instead of one near the top).

I did not understand your issue initially, but now I do after having read Malcolm's post.

As I replied to him, I think that simply passing "source 0.0.0.0" on the server line should be enough.

Also, you have another alternative : if you just need to reconnect from a listen to another one, you can use "use_backend" with an ACL. Something approximately like this :

listen slave-8522 

        bind            :8522
        maxconn         6000
        server  ..
        server  ..
	acl     all_srv_dead nbsrv 0
        use_backend anyport if all_srv_dead

listen  anyport  
        bind            :8527

Instead of reconnecting locally, it will just internally switch to the second instance.

Hoping this helps,
Willy Received on 2009/02/12 00:02

This archive was generated by hypermail 2.2.0 : 2009/02/12 01:15 CET