HAPROXY不平衡SSL

时间:2015-10-05 08:30:18

标签: ssl haproxy

我有这个

listen SSL XXX.XXX.XXX.60:443
    timeout connect 300s
    timeout client 300s
    timeout server 300s
    timeout queue 300s
    mode tcp
    bind-process 1
    option tcplog
    option ssl-hello-chk
    option http-server-close
    balance source
    server WEB61 XXX.XXX.XXX.61:443 check maxconn 500
    server WEB62 XXX.XXX.XXX.62:443 check maxconn 500
    server WEB63 XXX.XXX.XXX.63:443 check maxconn 500
    server WEB71 XXX.XXX.XXX.71:443 check maxconn 500
    server WEB72 XXX.XXX.XXX.72:443 check maxconn 500
    server WEB73 XXX.XXX.XXX.73:443 check maxconn 500

但是,所有SSL客户端都会转到WEB62。没有连接到其他服务器。

1 个答案:

答案 0 :(得分:0)

想出来。

    timeout server 300s
    timeout connect 300s
    timeout client 300s
    mode tcp
    balance roundrobin
    stick-table type binary len 32 size 30k expire 30m
    acl clienthello req_ssl_hello_type 1
    acl serverhello rep_ssl_hello_type 2
    tcp-request inspect-delay 5s
    tcp-request content accept if clienthello
    tcp-response content accept if serverhello
    stick on payload_lv(43,1) if clienthello
    stick store-response payload_lv(43,1) if serverhello

希望它有助于其他人