Good evening folk of the discourse
So … I’ve set up this abomination. Its an Apache front-end (for MODSECURITY) with a HAPROXY backend doing layer 4 load-balancing.
Because the back-end connections would use a single IP, i configured Apache and HAPROXY et al, to show and use the actual source IP of the incoming connection to balance on the back-end.
I tested it with two IP addresses on my internal network and it worked!
But now im finding its not quite doing the balancing as good.
Wondering if anyone can shed some light on it?
Here is my config:
timeout client 1m
timeout connect 1m
timeout server 1m
source 0.0.0.0 usesrc clientip
stick-table type ip size 25m expire 60m
stick on src
server web01 192.168.0.1:80 check inter 30s server web02 192.168.0.2:80 check inter 30s