Hi guys,
Hoping someone can shed some light on what i might be doing wrong?
Or is there something in FreeBSD that might be causing the trouble with
the new resolvers options?
Thanks in advance.
PiBa-NL
haproxy -f /var/haproxy.cfg -d
[ALERT] 248/222758 (22942) : SSLv3 support requested but unavailable.
Note: setting global.maxconn to 2000.
Available polling systems :
kqueue : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result FAILED
Total: 3 (2 usable), will use kqueue.
Using kqueue() as the polling mechanism.
[ALERT] 248/222808 (22942) : Starting [globalresolvers/googleA]
nameserver: can't connect socket.
defaults
mode http
timeout connect 30000
timeout server 30000
timeout client 30000
resolvers globalresolvers
nameserver googleA 8.8.8.8:53
resolve_retries 3
timeout retry 1s
hold valid 10s
listen www
bind 0.0.0.0:80
log global
server googlesite www.google.com:80 check inter 1000
resolvers globalresolvers
# uname -a
FreeBSD OPNsense.localdomain 10.1-RELEASE-p18 FreeBSD 10.1-RELEASE-p18
#0 71275cd(stable/15.7): Sun Aug 23 20:32:26 CEST 2015
root@sensey64:/usr/obj/usr/src/sys/SMP amd64
# haproxy -vv
[ALERT] 248/221747 (72984) : SSLv3 support requested but unavailable.
HA-Proxy version 1.6-dev4-b7ce424 2015/09/03
Copyright 2000-2015 Willy Tarreau <willy@haproxy.org>
Build options :
TARGET = freebsd
CPU = generic
CC = cc
CFLAGS = -O2 -pipe -fstack-protector -fno-strict-aliasing
-DFREEBSD_PORTS
OPTIONS = USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_LUA=1
USE_STATIC_PCRE=1 USE_PCRE_JIT=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200
Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.8
Compression algorithms supported : identity("identity"),
deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with OpenSSL version : OpenSSL 1.0.2d 9 Jul 2015
Running on OpenSSL version : OpenSSL 1.0.2d 9 Jul 2015
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built with PCRE version : 8.37 2015-04-28
PCRE library supports JIT : yes
Built with Lua version : Lua 5.3.0
Built with transparent proxy support using: IP_BINDANY IPV6_BINDANY
Available polling systems :
kqueue : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use kqueue.
Hoping someone can shed some light on what i might be doing wrong?
Or is there something in FreeBSD that might be causing the trouble with
the new resolvers options?
Thanks in advance.
PiBa-NL
haproxy -f /var/haproxy.cfg -d
[ALERT] 248/222758 (22942) : SSLv3 support requested but unavailable.
Note: setting global.maxconn to 2000.
Available polling systems :
kqueue : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result FAILED
Total: 3 (2 usable), will use kqueue.
Using kqueue() as the polling mechanism.
[ALERT] 248/222808 (22942) : Starting [globalresolvers/googleA]
nameserver: can't connect socket.
defaults
mode http
timeout connect 30000
timeout server 30000
timeout client 30000
resolvers globalresolvers
nameserver googleA 8.8.8.8:53
resolve_retries 3
timeout retry 1s
hold valid 10s
listen www
bind 0.0.0.0:80
log global
server googlesite www.google.com:80 check inter 1000
resolvers globalresolvers
# uname -a
FreeBSD OPNsense.localdomain 10.1-RELEASE-p18 FreeBSD 10.1-RELEASE-p18
#0 71275cd(stable/15.7): Sun Aug 23 20:32:26 CEST 2015
root@sensey64:/usr/obj/usr/src/sys/SMP amd64
# haproxy -vv
[ALERT] 248/221747 (72984) : SSLv3 support requested but unavailable.
HA-Proxy version 1.6-dev4-b7ce424 2015/09/03
Copyright 2000-2015 Willy Tarreau <willy@haproxy.org>
Build options :
TARGET = freebsd
CPU = generic
CC = cc
CFLAGS = -O2 -pipe -fstack-protector -fno-strict-aliasing
-DFREEBSD_PORTS
OPTIONS = USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_LUA=1
USE_STATIC_PCRE=1 USE_PCRE_JIT=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200
Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.8
Compression algorithms supported : identity("identity"),
deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with OpenSSL version : OpenSSL 1.0.2d 9 Jul 2015
Running on OpenSSL version : OpenSSL 1.0.2d 9 Jul 2015
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built with PCRE version : 8.37 2015-04-28
PCRE library supports JIT : yes
Built with Lua version : Lua 5.3.0
Built with transparent proxy support using: IP_BINDANY IPV6_BINDANY
Available polling systems :
kqueue : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use kqueue.