Hi
I am testing out the new 1.6 Haproxy and everything works great except when I try to use it for balancing LDAP traffic in mode tcp. It seems to segfault after doing an initial connection. Below is the information, please let me know if I can get you any other information. Thanks!
Some System Info[root@lb1 conf]# uname -aLinux lb1 2.6.32-573.3.1.el6.x86_64 #1 SMP Thu Aug 13 22:55:16 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Build Infomake TARGET=linux2628 CPU=x86_64 USE_OPENSSL=1 USE_ZLIB=1 USE_PCRE=1 USE_LINUX_SPLICE=1
#Initial Connection try success[root@lb1 conf]# telnet 11.111.12.11 389Trying 11.111.12.11...Connected to 11.111.12.11.Escape character is '^]'.
#Next connection try fail[root@lb1 conf]# telnet 11.111.12.11 389Trying 11.111.12.11...telnet: connect to address 11.111.12.11: Connection refused
#Segfault[root@lb1 conf]# grep -i segfault /var/log/messagesNov 5 21:56:14 lb1 kernel: haproxy[2957]: segfault at b8 ip 0000000000415c16 sp 00007fff12a33920 error 4 in haproxy[400000+127000]
> Some of my haproxy config (also has some web frontend/backends):
global log 127.0.0.1 local2 ##Log to the local rsyslog daemon user haproxy group haproxy chroot /opt/haproxy/secure/chroot pidfile /var/run/haproxy.pid stats socket /tmp/haproxy.socket user nobody group nobody mode 600 level admin node lb1 description HAPROXY1 daemon maxconn 100000 spread-checks 3 ca-base /etc/ssl/certs/comb crt-base /etc/ssl/certs/comb# debug# nbproc 4 #Number of processes EXPERIMENTAL
defaults log global mode http option forwardfor compression algo gzip compression type text/html text/plain text/css text/xml text/javascript retries 5 timeout http-request 181s ##Higher than I want right now but application may require it - testing timeout http-keep-alive 5s timeout queue 32s timeout connect 12s timeout server 181s ##Higher than I want right now but application may require it - testing timeout client 32s option http-server-close option accept-invalid-http-request option splice-auto option tcp-smart-connect option tcp-smart-accept log-format %ci:%cp|[%t]|%ft|%b/%s|%Tq/%Tw/%Tc/%Tr/%Tt|%ST|%B|%CC|%CS|%tsc|%ac/%fc/%bc/%sc/%rc|%sq/%bq|%hr|%hs|%{+Q}r|%fi errorfile 408 /dev/null
frontend ldap_service_front mode tcp bind 11.111.12.11:389 description LDAP Service option socket-stats option tcpka timeout client 5s default_backend LDAP
backend LDAP mode tcp option ldap-check balance source server LDAP1 11.111.10.11:389 check inter 10s downinter 9s slowstart 20s server LDAP2 11.111.11.11:389 check inter 10s downinter 9s slowstart 20s
Marc
I am testing out the new 1.6 Haproxy and everything works great except when I try to use it for balancing LDAP traffic in mode tcp. It seems to segfault after doing an initial connection. Below is the information, please let me know if I can get you any other information. Thanks!
Some System Info[root@lb1 conf]# uname -aLinux lb1 2.6.32-573.3.1.el6.x86_64 #1 SMP Thu Aug 13 22:55:16 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Build Infomake TARGET=linux2628 CPU=x86_64 USE_OPENSSL=1 USE_ZLIB=1 USE_PCRE=1 USE_LINUX_SPLICE=1
#Initial Connection try success[root@lb1 conf]# telnet 11.111.12.11 389Trying 11.111.12.11...Connected to 11.111.12.11.Escape character is '^]'.
#Next connection try fail[root@lb1 conf]# telnet 11.111.12.11 389Trying 11.111.12.11...telnet: connect to address 11.111.12.11: Connection refused
#Segfault[root@lb1 conf]# grep -i segfault /var/log/messagesNov 5 21:56:14 lb1 kernel: haproxy[2957]: segfault at b8 ip 0000000000415c16 sp 00007fff12a33920 error 4 in haproxy[400000+127000]
> Some of my haproxy config (also has some web frontend/backends):
global log 127.0.0.1 local2 ##Log to the local rsyslog daemon user haproxy group haproxy chroot /opt/haproxy/secure/chroot pidfile /var/run/haproxy.pid stats socket /tmp/haproxy.socket user nobody group nobody mode 600 level admin node lb1 description HAPROXY1 daemon maxconn 100000 spread-checks 3 ca-base /etc/ssl/certs/comb crt-base /etc/ssl/certs/comb# debug# nbproc 4 #Number of processes EXPERIMENTAL
defaults log global mode http option forwardfor compression algo gzip compression type text/html text/plain text/css text/xml text/javascript retries 5 timeout http-request 181s ##Higher than I want right now but application may require it - testing timeout http-keep-alive 5s timeout queue 32s timeout connect 12s timeout server 181s ##Higher than I want right now but application may require it - testing timeout client 32s option http-server-close option accept-invalid-http-request option splice-auto option tcp-smart-connect option tcp-smart-accept log-format %ci:%cp|[%t]|%ft|%b/%s|%Tq/%Tw/%Tc/%Tr/%Tt|%ST|%B|%CC|%CS|%tsc|%ac/%fc/%bc/%sc/%rc|%sq/%bq|%hr|%hs|%{+Q}r|%fi errorfile 408 /dev/null
frontend ldap_service_front mode tcp bind 11.111.12.11:389 description LDAP Service option socket-stats option tcpka timeout client 5s default_backend LDAP
backend LDAP mode tcp option ldap-check balance source server LDAP1 11.111.10.11:389 check inter 10s downinter 9s slowstart 20s server LDAP2 11.111.11.11:389 check inter 10s downinter 9s slowstart 20s
Marc