Differences

This shows you the differences between two versions of the page.

--- network_stuff:haproxy [2017/11/22 13:06] – jotasandoku
+++ network_stuff:haproxy [2023/11/02 14:38] (current) – external edit 127.0.0.1
@@ Line 24: / Line 24: @@
   nc -U /var/run/haproxy.sock
 Also non-interactive commands for automated based operations.
+\\
+\\
+From the stats page:
+  * Session rate : number of new sessions per second. A session is a connection that was accepted by the layer 4 rules.
+  * Connection: Note that a session can have one or more connections. "With the introduction of SSL, proxy protocol and layer4 ACLs, it was needed to cut the end-to-end sessions in smaller parts, hence the introduction of "connections""
 ----
+__**PROTECT AGAINST DDOS:**__\\
+  * [[https://www.haproxy.com/blog/use-a-load-balancer-as-a-first-row-of-defense-against-ddos/|haproxy-first-row-of-defense-against-ddos]]
+  * Block by source IP based on different criteria. Stick tables. Some examples [[http://blog.exceliance.fr/2012/02/27/use-a-load-balancer-as-a-first-row-of-defense-against-ddos/st-ddos/|here]]:
+----
 **SPECIAL FEATURES**\\
 Enable slow start:
@@ Line 33: / Line 45: @@
 ----
+  * Conceptual difference between a proxy and a 'reverse proxy': Proxy is a client proxy; reverse proxy is ~load balancer.
-__**PROTECT AGAINST DDOS:**__\\
+    * Proxy hides clients identity to the server. This is for client to server connections.
-  * [[https://www.haproxy.com/blog/use-a-load-balancer-as-a-first-row-of-defense-against-ddos/|haproxy-first-row-of-defense-against-ddos]]
+    * Proxy hides servers identity to the client. This is for client to server connections **as well**.
+TODO:\\
+  * Block by source IP based on different criteria. Stick tables:
+  * Some examples here: http://blog.exceliance.fr/2012/02/27/use-a-load-balancer-as-a-first-row-of-defense-against-ddos/

dokucama

User Tools

Site Tools

Differences

Page Tools