mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-24 23:31:40 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: doc: update http reuse for new eligilible connections

Browse Source 
Update the doc to remove entries on http-reuse marking private
connection for specific source address or sni.
This commit is contained in:
Amaury Denoyelle 2021-01-29 15:18:49 +01:00
parent 7ef06c8253
commit d773a4ee23
1 changed files with 6 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
doc/configuration.txt
View File

@ -6966,16 +6966,13 @@ http-reuse { never | safe | aggressive | always }
used when it improves the situation over "aggressive".
When http connection sharing is enabled, a great care is taken to respect the
connection properties and compatibility. Specifically :
- connections made with "usesrc" followed by a client-dependent value
("client", "clientip", "hdr_ip") are marked private and never shared;
connection properties and compatibility. Indeed, some properties are specific
and it is not possibly to reuse it blindly. Those are the SSL SNI, source
and destination address and proxy protocol block. A connection is reused only
if it shares the same set of properties with the request.
- connections sent to a server with a variable value as TLS SNI extension
are marked private and are never shared. This is not the case if the SNI
is guaranteed to be a constant, as for example using a literal string;
- connections with certain bogus authentication schemes (relying on the
connection) like NTLM are detected, marked private and are never shared;
Also note that connections with certain bogus authentication schemes (relying
on the connection) like NTLM are marked private and never shared.
A connection pool is involved and configurable with "pool-max-conn".