were sent in perfect synchronisation because the initial time was
the same for all. This could induce high load peaks when fragile
servers were hosting tens of instances for the same application.
Now the load is spread evenly across the smallest interval amongst
a listener.
to 'close', but does not actually close any connection. The problem
is, there are some servers which don't close the connection even if
the proxy tells them 'Connection: close'. A workaround was added by
the way of a new option 'forceclose' (which implies 'httpclose'),
and which makes the proxy close the outgoing channel to the server
once it has sent all its headers. Just don't use this with the
'CONNECT' method of course !
were erroneously load-balanced while the doc said the opposite.
Since load-balanced backup servers is one of the features some
people have been asking for, the problem was fixed to reflect the
documented behaviour and a new option 'allbackups' was introduced
to provide the feature to those who need it.
its timeout times the number of retransmits exceeded the server
read or write timeout, because the later was used to compute
select()'s timeout while the connection timeout was not reached.
could trigger both a read and a write calls, thus sometimes inducing headers
being directly sent from srv to cli without modification, and leading further
modification to crash the process by memory corruption, because
rep.data+rep.l<rep.h so the memmove() length argument is negative. Only
observed with epoll() and never poll(), though this one should have been
affected too. Now, only call functions which have been allowed to.
because event_srv_chk_r() is called before _w() and flushes the socket
error. The result is that the server remains UP. The problem only
affects pure TCP health-checks when select() is disabled. You may
encounter this on SSL or SMTP proxies.
an error if the connection was refused before the the timeout. So the
client was sent to the server anyway and then got its connection broken
because of the write error. This is not a real problem with persistence,
but it definitely is for new clients. This stupid bug must have been
present for years !
be displayed even in quiet mode.
* display an alert when a listener has no address, invalid or no port, or when
there are no enabled listeners upon startup.
* second batch of socklen_t changes.
* clean-ups from Cameron Simpson.
* because tv_remain() does not know about eternity, using no timeout can
make select() spin around a null time-out. Bug reported by Cameron Simpson.
* client read timeout was not properly set to eternity initialized after an
accept() if it was not set in the config. It remained undetected so long
because eternity is 0 and newly allocated pages are zeroed by the system.
* do not call get_original_dst() when not in transparent mode.
* implemented a workaround for a bug in certain epoll() implementations on
linux-2.4 kernels (epoll-lt <= 0.21).
* implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
* the time-out fix introduced in 1.1.25 caused a corner case where it was
possible for a client to keep a connection maintained regardless of the
timeout if the server closed the connection during the HEADER phase,
while the client ignored the close request while doing nothing in the
other direction. This has been fixed now by ensuring that read timeouts
are re-armed when switching to any SHUTW state.
* enhanced error reporting in the logs. Now the proxy will precisely detect
various error conditions related to the system and/or process limits, and
generate LOG_EMERG logs indicating that a resource has been exhausted.
* logs will contain two new characters for the error cause : 'R' indicates
a resource exhausted, and 'I' indicates an internal error, though this
one should never happen.
* server connection timeouts can now be reported in the logs (sC), as well
as connections refused because of maxconn limitations (PC).
* new global configuration keyword "ulimit-n" may be used to raise the FD
limit to usable values.
* a warning is now displayed on startup if the FD limit is lower than the
configured maximum number of sockets.
* new configuration keyword "monitor-net" makes it possible to be monitored
by external devices which connect to the proxy without being logged nor
forwarded to any server. Particularly useful on generic TCPv4 relays.
* dirty hack to fix a bug introduced with epoll : if we close an FD and
immediately reassign it to another session through a connect(), the
Prev{Read,Write}Events are not updated, which causes trouble detecting
changes, thus leading to many timeouts at high loads.
* changed the runtime argument to disable epoll() to '-de'
* changed the runtime argument to disable poll() to '-dp'
* added global options 'nopoll' and 'noepoll' to do the same at the
configuration level.
* added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
support epoll().
* changed default FD_SETSIZE to 65536 on Solaris (default=1024)
* conditionned signals redirection to #ifdef DEBUG_MEMORY
* made epoll() support a compile-time option : ENABLE_EPOLL
* provided a very little libc replacement for a possibly missing epoll()
implementation which can be enabled by -DUSE_MY_EPOLL
* implemented the poll() poller, which can be enabled with -DENABLE_POLL.
The equivalent runtime argument becomes '-P'. A few tests show that it
performs like select() with many fds, but slightly slower (certainly
because of the higher amount of memory involved).
* separated the 3 polling methods and the tasks scheduler into 4 distinct
functions which makes the code a lot more modular.
* moved some event tables to private static declarations inside the poller
functions.
* the poller functions can now initialize themselves, run, and cleanup.
* changed the runtime argument to enable epoll() to '-E'.
* removed buggy epoll_ctl() code in the client_retnclose() function. This
function was never meant to remove anything.
* fixed a typo which caused glibc to yell about a double free on exit.
* removed error checking after epoll_ctl(DEL) because we can never know if
the fd is still active or already closed.
* added a few entries in the makefile
* implemented the HTTP 303 code for error redirection. This forces the
browser to fetch the given URI with a GET request. The new keyword for
this is 'errorloc303', and a new 'errorloc302' keyword has been created
to make them easily distinguishable.
* added more controls in the parser for valid use of '\x' sequence.
* few fixes from Alex & Klaus
* fixed a few errors in the documentation
* do not pre-initialize unused file-descriptors before select() anymore.
* merged Alexander Lazic's and Klaus Wagner's work on application
cookie-based persistence. Since this is the first merge, this version is
not intended for general use and reports are more than welcome. Some
documentation is really needed though.
* add an architecture guide to the documentation
* released without any changes
* increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
compatible with Apache. This limit can be configured in the makefile now.
Thanks to Eric Fehr for the checks.
* added a per-server "source" option which now makes it possible to bind to
a different source for each (potentially identical) server.
* changed cookie-based server selection slightly to allow several servers to
share a same cookie, thus making it possible to associate backup servers to
live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
* added the cookie 'prefix' mode which makes it possible to use persistence
with thin clients which support only one cookie. The server name is prefixed
before the application cookie, and restore back.
* fixed the order of servers within an instance to match documentation. Now
the servers are *really* used in the order of their declaration. This is
particularly important when multiple backup servers are in use.