Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Far too many BE's! One HA-proxy backend per service!! Possible !!??

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    1
    2
    46
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      louis2
      last edited by

      I am ^not happy^ with the number of HA-proxy backends as related to a certain backend-service (a certain webserver, mailserver, any server type).

      Servers do handle

      • IPV4 and IPV6.
      • multiple ports ...
      • those ports can be any combination of HTTP, HTTPS, SSL/TSL, unencrypted

      I want to monitor the availability of the server, I do not want to monitor if it is responding to

      • on ip type level
      • on port number level

      So I want to pick one of those combinations for the test heart beat.

      I would like to have the option to show the backend in the GUI

      • all ways
      • only if not reachable (that would probably be my preference)
      • never

      So the backend type I would like to define has following characteristics:

      • IPV4 => stays IPV4
      • IPV6 => Stays IPV6
      • port-no-x => stay's port-no-x
      • SSL/TSL stays SSL/TSL
      • unencrypted stays unencrypted
      • separate settings to define the check heart-beat to the server

      At the moment I experiment with one backend per IP-type and one for secure and one for unsecure. But even if that works that are allready 4 times as much backends as I would like.

      Not to mention the test heartbeat. If I am correct the port forward number equals the incoming port number if left empty, but I noticed error messages doing so.
      Also wondering how to configure the HB-port given that there is no separate field to configure that.

      Note that IMHO HA-proxy is a great tool ..... but one back end per destination, should do the job

      L 1 Reply Last reply Reply Quote 0
      • L
        louis2 @louis2
        last edited by

        @louis2

        I think separate back-ends for IPV4 and IPV6 are not necessary not even a good idea since the proxy has two completely isolated connections. One to the front end, one to the server.

        So I decided to handle all server related connections via IPV4 since local IPV4 can not be reached from the internet.

        That action already reduced the number of backends by a factor two 😊

        1 Reply Last reply Reply Quote 0
        • First post
          Last post