English Forums > Web Proxy Filtering and Caching

After some help with HAProxy

(1/4) > >>

dustymiller259:
Now I've posted this in the correct forum, heres hoping for some assistance - Gotta love being a newbie at this.

I'm trying to understand how HAProxy work, and get it setup, but despite my limited understanding, i think i have the config correct, but it does not seem to work as expected at all. does anyone know of any good resources out there ?

I'm only trying to get it to work for a couple of webservers behind my firewall (Home Setup)

I have one rule working, but cant get the second to play without killing the first rule.

I basically have 1 rule working that say if "path contains string" = VirtualRadar then use one backend pool. That works

When I add an anti rule so if the "path Contains string" - VirtualRadar + then negate that condition, in the second rule, it all falls apart.

What am I missing

cmdr.adama:
Could you please post the whole config so we can get a better idea of the whole set up?

dustymiller259:
#
# Automatically generated configuration.
# Do not edit this file manually.
#

global
    # NOTE: Could be a security issue, but required for some feature.
    uid                         80
    gid                         80
    chroot                      /var/haproxy
    daemon
    stats                       socket /var/run/haproxy.socket group proxy mode 775 level admin expose-fd listeners
    nbproc                      1
    nbthread                    1
    tune.ssl.default-dh-param   1024
    spread-checks               0
    tune.chksize                16384
    tune.bufsize                16384
    tune.lua.maxmem             0
    log /var/run/log local0 debug

defaults
    log     global
    option redispatch -1
    timeout client 30s
    timeout connect 30s
    timeout server 30s
    retries 3

# autogenerated entries for ACLs

# autogenerated entries for config in backends/frontends

# autogenerated entries for stats


# Frontend: VirtualRadar_Real (VRS Server)
frontend VirtualRadar_Real
    bind www.millersmail.net:80 name www.millersmail.net:80
    mode http
    option http-keep-alive
    default_backend VirtualRadar_Backend
    # tuning options
    timeout client 30s

    # logging options

# Frontend: Web_Traffic_Real (Normal_HTTP)
frontend Web_Traffic_Real
    bind www.millersmail.net:80 name www.millersmail.net:80
    mode http
    option http-keep-alive
    default_backend Web_Traffic_Backend
    # tuning options
    timeout client 30s

    # logging options
    option httplog

# Backend: VirtualRadar_Backend (VRS Server)
backend VirtualRadar_Backend
    # health checking is DISABLED
    mode http
    balance source
    # stickiness
    stick-table type ip size 50k expire 30m 
    stick on src
    # tuning options
    timeout connect 30s
    timeout server 30s
    http-reuse safe
    server VirtualRadar_80 192.168.0.41:80

# Backend: Web_Traffic_Backend (Synology_NAS)
backend Web_Traffic_Backend
    # health checking is DISABLED
    mode http
    balance source
    # stickiness
    stick-table type ip size 50k expire 30m 
    stick on src
    # tuning options
    timeout connect 30s
    timeout server 30s
    http-reuse safe
    server Synology 192.168.0.11:80 ssl verify required ca-file /etc/ssl/cert.pem

dustymiller259:
Cant seem to find the rules in the proxy config, where are they stored ???

cmdr.adama:
Ok... First things first...

How the config is set up currently the second front end will never be hit... You have two front ends on the same port doing the exact same thing.. Ideally only have one front end per service so one for http and one for https...

Secondly I don't see in that config any ACLs for the front end or backend.

The back ends look ok just change the frontends and add ACLs to direct to each server.

Navigation

[0] Message Index

[#] Next page

Go to full version