It appears to.

What version of pound are you using?

I made a small cfm page to kick back a 432 error....

On my 2.5 install, I see the following:

Direct to backend:
$ telnet localhost 81
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
GET /CFMXTesting/432err.cfm HTTP/1.0

HTTP/1.1 432 432
Date: Mon, 03 Jan 2011 17:12:30 GMT
Set-Cookie: CFID=4301; Expires=Wed, 26-Dec-2040 17:12:31 GMT; Path=/
Set-Cookie: CFTOKEN=732752807a993dc0-00A89175-EF9B-1D30-A6D2FF6683D77350;
Expires=Wed, 26-Dec-2040 17:12:31 GMT; Path=/
Set-Cookie: JSESSIONID=F5DB47294BCECFCD388E7676E992CF5C; Path=/
Content-Type: text/html;charset=UTF-8
Connection: close


Upgrade a component please.
Connection closed by foreign host.

Through Pound:
$ telnet localhost 80
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
GET /CFMXTesting/432err.cfm HTTP/1.0

HTTP/1.1 432 432
Date: Mon, 03 Jan 2011 17:14:34 GMT
Set-Cookie: CFID=4302; Expires=Wed, 26-Dec-2040 17:14:34 GMT; Path=/
Set-Cookie: CFTOKEN=d096e5b2ec40d3ab-00BB79A9-F507-7C55-8B4C1E973AE7EAAF;
Expires=Wed, 26-Dec-2040 17:14:34 GMT; Path=/
Set-Cookie: JSESSIONID=6917D0124D6B7AFDD4005023F2015298; Path=/
Content-Type: text/html;charset=UTF-8
Connection: close


Upgrade a component please.
Connection closed by foreign host.


Pretty much the same.  And no 500 error.

Apache logs show:
127.0.0.1 - - [03/Jan/2011:12:12:30 -0500] "GET /CFMXTesting/432err.cfm
HTTP/1.0" 432 29 "-" "-" - - [-]
and
127.0.0.1 - - [03/Jan/2011:12:14:34 -0500] "GET /CFMXTesting/432err.cfm
HTTP/1.0" 432 29 "-" "-" - - [-]


So I can't find a problem with Pound...


Joe

> -----Original Message-----
> From: BUPE(Peter Burgstaller) [mailto:Peter.Burgstaller(at)skidata.com]
> Sent: Saturday, December 25, 2010 10:54 AM
> To: <pound(at)apsis.ch>
> Subject: Re: [Pound Mailing List] RE: Error Status
> 
> Hi Joe,
> 
> thanks for the answer - this is what is in the pound log:
> Dec 24 11:52:38 lb1 pound: 195.70.104.187 GET
> /CyberAuditWeb/services/nga/sync/props?nid=0003500 HTTP/1.1 - HTTP/1.1
> 500 Internal Server Error (poundserver.internal.net/- ->
> 10.14.13.204:80) 0.004 sec
> 
> the apache on 10.14.13.204 says:
> 195.70.104.187 - - [24/Dec/2010:11:52:38 +0100] "GET
> /CyberAuditWeb/services/nga/sync/props?nid=0003500 HTTP/1.1" 432 1077
> "-" "nga_v4.0.0"
> 
> so to me that means, that apache delivers the 432 ok, no?
> Thx, Peter
> 
> On Dec 24, 2010, at 15:32, Joe Gooch wrote:
> 
> > I don't see anything in the code that would validate 4xx codes. If
> the backend passes it then pound should pass it along.
> >
> > However, if pound is creating a 500 error, it would be in the log.
> (i.e. e500 headers: out of memory, or e500 can't read header)  Do you
> see any messages in the log that correspond with the 500 error?
> >
> > If not, maybe your webserver is turning it into a 500 error?
> >
> > Joe
> >
> >> -----Original Message-----
> >> From: BUPE(Peter Burgstaller) [mailto:Peter.Burgstaller(at)skidata.com]
> >> Sent: Friday, December 24, 2010 5:34 AM
> >> To: pound(at)apsis.ch
> >> Subject: [Pound Mailing List] Error Status
> >>
> >> Dear pound list,
> >>
> >> I have a weird scenario with my pound installation.
> >> I have a new application behind my load balancer that uses a
> >> combination of Webserver and Tomcat. The application talks to the
> >> clients and
> >> implemented some custom error codes (in the 4xx range) to
> communicate
> >> update requirements and incompatibilities to the client.
> >> I can see at the Webserver, that the tomcat is delivering a 432
> status
> >> to the client, however, after the pound the http message is a 500.
> >> The client does not know what to do with a 500 status and prints an
> >> error.
> >> Is there a way to teach pound the 4xx errors?
> >>
> >> Thanks, Peter
> >> --
> >> DI Peter Burgstaller
> >> -----------------------------------
> >> Head of Hosted Services
> >>
> >> SKIDATA AG
> >> Untersbergstraße 40
> >> A-5083 Grödig, Salzburg
> >> [p] +43 (0) 6246 888-4155
> >> [f] +43 (0) 6246 888-7
> >> [e] peter.burgstaller(at)skidata.com
> >> [w] http://www.skidata.com
> >>
> >>
> >> --
> >> To unsubscribe send an email with subject unsubscribe to
> >> pound(at)apsis.ch.
> >> Please contact roseg(at)apsis.ch for questions.
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> 
> --
> DI Peter Burgstaller
> -----------------------------------
> Head of Hosted Services
> 
> SKIDATA AG
> Untersbergstraße 40
> A-5083 Grödig, Salzburg
> [p] +43 (0) 6246 888-4155
> [f] +43 (0) 6246 888-7
> [e] peter.burgstaller(at)skidata.com
> [w] http://www.skidata.com
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

I've implemented the "tag each request with the backend in the browser instead
of storing our sessions locally and incurring concurrency costs" method of
session tracking.  Described in 5 below.

Patch (against 2.6c) is at:
https://users.k12system.com/mrwizard/pound/pound_26_backend_cookies.patch.bz2

Essentially the change to session handling is when it has to choose a random
backend (i.e. didn't find in the hashtable, or hashtable/sessions are
disabled), it will check for the backend key header and if found, it will use
the backend that matches (if possible).  This can be used to turn off session
handling entirely (allowing pound to use backend keys to use backend
stickyness), or to augment session handling... For instance, if pound is
restarted, the session DB is cleared.  Using the cookie in the browser, when
sessions are recreated, the correct backend will be chosen to resume their
sessions.


Joe

> -----Original Message-----
> From: Joe Gooch [mailto:mrwizard(at)k12system.com]
> Sent: Friday, December 31, 2010 2:41 PM
> To: <pound(at)apsis.ch>
> Subject: Re: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> On Dec 31, 2010, at 4:27 AM, "Robert Segall" <roseg(at)apsis.ch> wrote:
> 
> I don't like many of the solutions that come to mind.
> 1) Wite our own fair/prioritized locking w/ linked lists or queues and
> use mutexes and condition variables to implement.
> 2) Find a C library that implements the semantics we need... Whether
> that's a hashtable or locking library depends on what we could find.
> 3) Write our own hashtable... For instance, mutex lock the fixed array,
> release once we find the collision chain... Have a mutex for each
> collision chain.  Then t_expire can lock by collision chain and limits
> the requests that are blocking at any given time.
> 4). Use better hardware :)
> 5)  Use distributed session tracking instead of tracking it in
> Pound....
> 
> For 5... Other load balancing appliances use a different approach...
> The load balancer itself generates a cookie to tag the sessions.  ( I
> wouldn't even consider param/url rewrites ). Semantics would be like
> this:
> A). In the config pick a cookie name, domain, expiration for the
> cookie,httponly flags etc.
> B). On each request, look for our cookie.  If it exists, use it to
> determine the backend to use.  Otherwise choose one randomly.  If the
> backend is down choose another.
> C). Add a set cookie header to every request that sets or resets our
> cookie. (thus updating the expiration time)
> 
> Using this method no database is necessary in pound.  The browser tells
> the load balancer where it belongs.  This has other cool benefits like
> you can kill and restart pound and other than the connectivity
> interruption, session affinity would be preserved.  And no concurrency
> issues because each request is autonomous.
> 
> Implicit in this is the ability to uniquely identify each backend...
> Either with a key inn the backend section in the config, or a hex
> representation of the sin_addr and port...
> 
> Might need to have this as an option so url/param LB is still an
> option.

Hi again,

I was running an older pound version and just upgraded to 2.5.1.
However, no change in the behavior - so I checked with tcpdump what apache
really sends - and you were right, 
apache already sends the 500 error. It turns out its a defect in the mod_jk
(1.2.26) we were using.
I upgraded to mod_jk 1.3.31 and now it works as it should.

Sorry to have bothered you, but thanks for your help!
- Cheers, Peter

On Jan 3, 2011, at 18:16, Joe Gooch wrote:

> It appears to.
> 
> What version of pound are you using?
> 
> I made a small cfm page to kick back a 432 error....
> 
> On my 2.5 install, I see the following:
> 
> Direct to backend:
> $ telnet localhost 81
> Trying 127.0.0.1...
> Connected to localhost (127.0.0.1).
> Escape character is '^]'.
> GET /CFMXTesting/432err.cfm HTTP/1.0
> 
> HTTP/1.1 432 432
> Date: Mon, 03 Jan 2011 17:12:30 GMT
> Set-Cookie: CFIDC01; Expires=d, 26-Dec-2040 17:12:31 GMT; Path=
> Set-Cookie: CFTOKENs2752807a993dc0-00A89175-EF9B-1D30-A6D2FF6683D77350;
Expires=d, 26-Dec-2040 17:12:31 GMT; Path=
> Set-Cookie: JSESSIONIDõDB47294BCECFCD388E7676E992CF5C; Path=
> Content-Type: text/html;charset=F-8
> Connection: close
> 
> 
> Upgrade a component please.
> Connection closed by foreign host.
> 
> Through Pound:
> $ telnet localhost 80
> Trying 127.0.0.1...
> Connected to localhost (127.0.0.1).
> Escape character is '^]'.
> GET /CFMXTesting/432err.cfm HTTP/1.0
> 
> HTTP/1.1 432 432
> Date: Mon, 03 Jan 2011 17:14:34 GMT
> Set-Cookie: CFIDC02; Expires=d, 26-Dec-2040 17:14:34 GMT; Path=
> Set-Cookie: CFTOKENÐ96e5b2ec40d3ab-00BB79A9-F507-7C55-8B4C1E973AE7EAAF;
Expires=d, 26-Dec-2040 17:14:34 GMT; Path=
> Set-Cookie: JSESSIONIDi17D0124D6B7AFDD4005023F2015298; Path=
> Content-Type: text/html;charset=F-8
> Connection: close
> 
> 
> Upgrade a component please.
> Connection closed by foreign host.
> 
> 
> Pretty much the same.  And no 500 error.
> 
> Apache logs show:
> 127.0.0.1 - - [03/Jan/2011:12:12:30 -0500] "GET /CFMXTesting/432err.cfm
HTTP/1.0" 432 29 "-" "-" - - [-]
> and
> 127.0.0.1 - - [03/Jan/2011:12:14:34 -0500] "GET /CFMXTesting/432err.cfm
HTTP/1.0" 432 29 "-" "-" - - [-]
> 
> 
> So I can't find a problem with Pound...
> 
> 
> Joe
> 
>> -----Original Message-----
>> From: BUPE(Peter Burgstaller) [mailto:Peter.Burgstaller(at)skidata.com]
>> Sent: Saturday, December 25, 2010 10:54 AM
>> To: <pound(at)apsis.ch>
>> Subject: Re: [Pound Mailing List] RE: Error Status
>> 
>> Hi Joe,
>> 
>> thanks for the answer - this is what is in the pound log:
>> Dec 24 11:52:38 lb1 pound: 195.70.104.187 GET
>> /CyberAuditWeb/services/nga/sync/props?nid

--
DI Peter Burgstaller
-----------------------------------
Head of Hosted Services

SKIDATA AG
Untersbergstraße 40
A-5083 Grödig, Salzburg
[p] +43 (0) 6246 888-4155
[f] +43 (0) 6246 888-7
[e] peter.burgstaller(at)skidata.com
[w] http://www.skidata.com

No worries, glad you got it figured out!

Joe

> -----Original Message-----
> From: BUPE(Peter Burgstaller) [mailto:Peter.Burgstaller(at)skidata.com]
> Sent: Tuesday, January 04, 2011 9:27 AM
> To: <pound(at)apsis.ch>
> Subject: Re: [Pound Mailing List] RE: Error Status
> 
> Hi again,
> 
> I was running an older pound version and just upgraded to 2.5.1.
> However, no change in the behavior - so I checked with tcpdump what
> apache really sends - and you were right,
> apache already sends the 500 error. It turns out its a defect in the
> mod_jk (1.2.26) we were using.
> I upgraded to mod_jk 1.3.31 and now it works as it should.
> 
> Sorry to have bothered you, but thanks for your help!
> - Cheers, Peter
> 
> On Jan 3, 2011, at 18:16, Joe Gooch wrote:
> 
> > It appears to.
> >
> > What version of pound are you using?
> >
> > I made a small cfm page to kick back a 432 error....
> >
> > On my 2.5 install, I see the following:
> >
> > Direct to backend:
> > $ telnet localhost 81
> > Trying 127.0.0.1...
> > Connected to localhost (127.0.0.1).
> > Escape character is '^]'.
> > GET /CFMXTesting/432err.cfm HTTP/1.0
> >
> > HTTP/1.1 432 432
> > Date: Mon, 03 Jan 2011 17:12:30 GMT
> > Set-Cookie: CFIDC01; Expires= 26-Dec-2040 17:12:31 GMT; Path> Set-
> Cookie: CFTOKENs2752807a993dc0-00A89175-EF9B-1D30-A6D2FF6683D77350;
> Expires= 26-Dec-2040 17:12:31 GMT; Path> Set-Cookie:
> JSESSIONIDõDB47294BCECFCD388E7676E992CF5C; Path> Content-Type:
> text/html;charset=8
> > Connection: close
> >
> >
> > Upgrade a component please.
> > Connection closed by foreign host.
> >
> > Through Pound:
> > $ telnet localhost 80
> > Trying 127.0.0.1...
> > Connected to localhost (127.0.0.1).
> > Escape character is '^]'.
> > GET /CFMXTesting/432err.cfm HTTP/1.0
> >
> > HTTP/1.1 432 432
> > Date: Mon, 03 Jan 2011 17:14:34 GMT
> > Set-Cookie: CFIDC02; Expires= 26-Dec-2040 17:14:34 GMT; Path> Set-
> Cookie: CFTOKENÐ96e5b2ec40d3ab-00BB79A9-F507-7C55-8B4C1E973AE7EAAF;
> Expires= 26-Dec-2040 17:14:34 GMT; Path> Set-Cookie:
> JSESSIONIDi17D0124D6B7AFDD4005023F2015298; Path> Content-Type:
> text/html;charset=8
> > Connection: close
> >
> >
> > Upgrade a component please.
> > Connection closed by foreign host.
> >
> >
> > Pretty much the same.  And no 500 error.
> >
> > Apache logs show:
> > 127.0.0.1 - - [03/Jan/2011:12:12:30 -0500] "GET
> /CFMXTesting/432err.cfm HTTP/1.0" 432 29 "-" "-" - - [-]
> > and
> > 127.0.0.1 - - [03/Jan/2011:12:14:34 -0500] "GET
> /CFMXTesting/432err.cfm HTTP/1.0" 432 29 "-" "-" - - [-]
> >
> >
> > So I can't find a problem with Pound...
> >
> >
> > Joe
> >
> >> -----Original Message-----
> >> From: BUPE(Peter Burgstaller) [mailto:Peter.Burgstaller(at)skidata.com]
> >> Sent: Saturday, December 25, 2010 10:54 AM
> >> To: <pound(at)apsis.ch>
> >> Subject: Re: [Pound Mailing List] RE: Error Status
> >>
> >> Hi Joe,
> >>
> >> thanks for the answer - this is what is in the pound log:
> >> Dec 24 11:52:38 lb1 pound: 195.70.104.187 GET
> >> /CyberAuditWeb/services/nga/sync/props?nid
> 
> --
> DI Peter Burgstaller
> -----------------------------------
> Head of Hosted Services
> 
> SKIDATA AG
> Untersbergstraße 40
> A-5083 Grödig, Salzburg
> [p] +43 (0) 6246 888-4155
> [f] +43 (0) 6246 888-7
> [e] peter.burgstaller(at)skidata.com
> [w] http://www.skidata.com
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

My guess would be the new pound was compiled without the PCRE library. (Since 0
width lookaheads probably require that...)  Do a ldd on each pound binary and
see if either one is using libs the other isn't.

You could try adding the --enable-pcreposix option to configure.

Joe

> -----Original Message-----
> From: thedoghousemailcom [mailto:thedoghousemailcom(at)googlemail.com]
> Sent: Tuesday, January 04, 2011 9:07 AM
> To: pound(at)apsis.ch
> Subject: [Pound Mailing List] URL
> 
> Hi list,
> 
> I'm using CentOS 5.5 x64 with Pound 2.4.3 (pound-2.4.3-1.el5.rf). My
> current config contains the following line:
> 
>    URL "^(.(?!cgi-bin))*\.(css|doc|gif|ico|jpg|pdf|png|ppt|rtf|xls)$"
> 
> Everything works fine. Pound checks the config:
> 
> pound -c
> starting...
> Config file /etc/pound.cfg is OK
> 
> 
> Today I tried to upgrade to Pound 2.5-1 from the scratch.
> 
> But if I try to start a verify with the same config, Pound tell me
> something about "URL bad pattern":
> 
> pound -c
> starting...
> /etc/pound.cfg line 36: URL bad pattern - aborted
> 
> Line 36 is the above "URL-line".
> 
> Could someone give me please some advices?
> 
> Thank you very much.
> 
> Greetings
> 
> Paul
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Yes, this was the solution, thank you Joe!

Paul


schrieb Joe Gooch, Am 04.01.2011 17:17:
> My guess would be the new pound was compiled without the PCRE library. (Since
0 width lookaheads probably require that...)  Do a ldd on each pound binary and
see if either one is using libs the other isn't.
>
> You could try adding the --enable-pcreposix option to configure.
>
> Joe
>
>> -----Original Message-----
>> From: thedoghousemailcom [mailto:thedoghousemailcom(at)googlemail.com]
>> Sent: Tuesday, January 04, 2011 9:07 AM
>> To: pound(at)apsis.ch
>> Subject: [Pound Mailing List] URL
>>
>> Hi list,
>>
>> I'm using CentOS 5.5 x64 with Pound 2.4.3 (pound-2.4.3-1.el5.rf). My
>> current config contains the following line:
>>
>>     URL "^(.(?!cgi-bin))*\.(css|doc|gif|ico|jpg|pdf|png|ppt|rtf|xls)$"
>>
>> Everything works fine. Pound checks the config:
>>
>> pound -c
>> starting...
>> Config file /etc/pound.cfg is OK
>>
>>
>> Today I tried to upgrade to Pound 2.5-1 from the scratch.
>>
>> But if I try to start a verify with the same config, Pound tell me
>> something about "URL bad pattern":
>>
>> pound -c
>> starting...
>> /etc/pound.cfg line 36: URL bad pattern - aborted
>>
>> Line 36 is the above "URL-line".
>>
>> Could someone give me please some advices?
>>
>> Thank you very much.
>>
>> Greetings
>>
>> Paul
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to
>> pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>

No problemo! :)

Joe

> -----Original Message-----
> From: thedoghousemailcom [mailto:thedoghousemailcom(at)googlemail.com]
> Sent: Tuesday, January 04, 2011 12:34 PM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] URL
> 
> Yes, this was the solution, thank you Joe!
> 
> Paul
> 
> 
> schrieb Joe Gooch, Am 04.01.2011 17:17:
> > My guess would be the new pound was compiled without the PCRE
> library. (Since 0 width lookaheads probably require that...)  Do a ldd
> on each pound binary and see if either one is using libs the other
> isn't.
> >
> > You could try adding the --enable-pcreposix option to configure.
> >
> > Joe
> >
> >> -----Original Message-----
> >> From: thedoghousemailcom [mailto:thedoghousemailcom(at)googlemail.com]
> >> Sent: Tuesday, January 04, 2011 9:07 AM
> >> To: pound(at)apsis.ch
> >> Subject: [Pound Mailing List] URL
> >>
> >> Hi list,
> >>
> >> I'm using CentOS 5.5 x64 with Pound 2.4.3 (pound-2.4.3-1.el5.rf). My
> >> current config contains the following line:
> >>
> >>     URL "^(.(?!cgi-
> bin))*\.(css|doc|gif|ico|jpg|pdf|png|ppt|rtf|xls)$"
> >>
> >> Everything works fine. Pound checks the config:
> >>
> >> pound -c
> >> starting...
> >> Config file /etc/pound.cfg is OK
> >>
> >>
> >> Today I tried to upgrade to Pound 2.5-1 from the scratch.
> >>
> >> But if I try to start a verify with the same config, Pound tell me
> >> something about "URL bad pattern":
> >>
> >> pound -c
> >> starting...
> >> /etc/pound.cfg line 36: URL bad pattern - aborted
> >>
> >> Line 36 is the above "URL-line".
> >>
> >> Could someone give me please some advices?
> >>
> >> Thank you very much.
> >>
> >> Greetings
> >>
> >> Paul
> >>
> >> --
> >> To unsubscribe send an email with subject unsubscribe to
> >> pound(at)apsis.ch.
> >> Please contact roseg(at)apsis.ch for questions.
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> >
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Hi,

Yes, in my patch log level 4 doesn't change just log level 5 and  send 
between '(' and ')' the Service name and the backend (in this case de 
redirected URL) as is done in other places of the code.

I'm afraid I don't understand why it would break compatibility with the 
Common log Format ¿does not Service name and backend break Compatibility 
log Format?

Regards.

El 31/12/2010 10:22, Robert Segall escribió:
> On Wed, 2010-12-29 at 13:30 +0100, Francisco Ruiz wrote:
>> Hi,
>>
>> I think log level 5 should log Service and the URL which is redirected
>> to as backend.
>>
>> I send you a patch with the changes in order you to consider them.
>>
>>
>> Regards,
>> Francisco Ruiz
> Have a look at the code - this is already done at log levels 1 and 2. At
> higher log levels it would break compatibility with the Common Log
> Format.

Hi Joe!

I like the idea! You also implemented it pretty quick!
I tested you're implementation(not production) and it seems to work quite good.
The only thing I wonder is, why not choose a property which you can
deterministically extract a backend from. Like the clients ip for example. The
decimal value, modulo the number of backends. Or a cookie, modulo the #backends
etc.

About the writers-starvation. What platforms does pound want to support? I can
think of the main ones: Linux, *BSD, Solaris?, MacOS?
If these platforms support the writers-starvation regulations is it acceptable
to adopt this system?

Steven

-----Oorspronkelijk bericht-----
Van: Joe Gooch [mailto:mrwizard(at)k12system.com] 
Verzonden: maandag 3 januari 2011 21:19
Aan: <pound(at)apsis.ch>
Onderwerp: RE: [Pound Mailing List] RE: Website stalls every 60 seconds

I've implemented the "tag each request with the backend in the browser instead
of storing our sessions locally and incurring concurrency costs" method of
session tracking.  Described in 5 below.

Patch (against 2.6c) is at:
https://users.k12system.com/mrwizard/pound/pound_26_backend_cookies.patch.bz2

Essentially the change to session handling is when it has to choose a random
backend (i.e. didn't find in the hashtable, or hashtable/sessions are
disabled), it will check for the backend key header and if found, it will use
the backend that matches (if possible).  This can be used to turn off session
handling entirely (allowing pound to use backend keys to use backend
stickyness), or to augment session handling... For instance, if pound is
restarted, the session DB is cleared.  Using the cookie in the browser, when
sessions are recreated, the correct backend will be chosen to resume their
sessions.


Joe

> -----Original Message-----
> From: Joe Gooch [mailto:mrwizard(at)k12system.com]
> Sent: Friday, December 31, 2010 2:41 PM
> To: <pound(at)apsis.ch>
> Subject: Re: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> On Dec 31, 2010, at 4:27 AM, "Robert Segall" <roseg(at)apsis.ch> wrote:
> 
> I don't like many of the solutions that come to mind.
> 1) Wite our own fair/prioritized locking w/ linked lists or queues and
> use mutexes and condition variables to implement.
> 2) Find a C library that implements the semantics we need... Whether
> that's a hashtable or locking library depends on what we could find.
> 3) Write our own hashtable... For instance, mutex lock the fixed array,
> release once we find the collision chain... Have a mutex for each
> collision chain.  Then t_expire can lock by collision chain and limits
> the requests that are blocking at any given time.
> 4). Use better hardware :)
> 5)  Use distributed session tracking instead of tracking it in
> Pound....
> 
> For 5... Other load balancing appliances use a different approach...
> The load balancer itself generates a cookie to tag the sessions.  ( I
> wouldn't even consider param/url rewrites ). Semantics would be like
> this:
> A). In the config pick a cookie name, domain, expiration for the
> cookie,httponly flags etc.
> B). On each request, look for our cookie.  If it exists, use it to
> determine the backend to use.  Otherwise choose one randomly.  If the
> backend is down choose another.
> C). Add a set cookie header to every request that sets or resets our
> cookie. (thus updating the expiration time)
> 
> Using this method no database is necessary in pound.  The browser tells
> the load balancer where it belongs.  This has other cool benefits like
> you can kill and restart pound and other than the connectivity
> interruption, session affinity would be preserved.  And no concurrency
> issues because each request is autonomous.
> 
> Implicit in this is the ability to uniquely identify each backend...
> Either with a key inn the backend section in the config, or a hex
> representation of the sin_addr and port...
> 
> Might need to have this as an option so url/param LB is still an
> option.

--
To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
Please contact roseg(at)apsis.ch for questions.

Just something that came to mind: what about using memcached? You can provide
an expire parameter. This invalidates old items automatically.

-----Oorspronkelijk bericht-----
Van: Steven van der Vegt [mailto:steven(at)echelon.nl] 
Verzonden: woensdag 5 januari 2011 14:34
Aan: pound(at)apsis.ch
Onderwerp: RE: [Pound Mailing List] RE: Website stalls every 60 seconds

Hi Joe!

I like the idea! You also implemented it pretty quick!
I tested you're implementation(not production) and it seems to work quite good.
The only thing I wonder is, why not choose a property which you can
deterministically extract a backend from. Like the clients ip for example. The
decimal value, modulo the number of backends. Or a cookie, modulo the #backends
etc.

About the writers-starvation. What platforms does pound want to support? I can
think of the main ones: Linux, *BSD, Solaris?, MacOS?
If these platforms support the writers-starvation regulations is it acceptable
to adopt this system?

Steven

-----Oorspronkelijk bericht-----
Van: Joe Gooch [mailto:mrwizard(at)k12system.com] 
Verzonden: maandag 3 januari 2011 21:19
Aan: <pound(at)apsis.ch>
Onderwerp: RE: [Pound Mailing List] RE: Website stalls every 60 seconds

I've implemented the "tag each request with the backend in the browser instead
of storing our sessions locally and incurring concurrency costs" method of
session tracking.  Described in 5 below.

Patch (against 2.6c) is at:
https://users.k12system.com/mrwizard/pound/pound_26_backend_cookies.patch.bz2

Essentially the change to session handling is when it has to choose a random
backend (i.e. didn't find in the hashtable, or hashtable/sessions are
disabled), it will check for the backend key header and if found, it will use
the backend that matches (if possible).  This can be used to turn off session
handling entirely (allowing pound to use backend keys to use backend
stickyness), or to augment session handling... For instance, if pound is
restarted, the session DB is cleared.  Using the cookie in the browser, when
sessions are recreated, the correct backend will be chosen to resume their
sessions.


Joe

> -----Original Message-----
> From: Joe Gooch [mailto:mrwizard(at)k12system.com]
> Sent: Friday, December 31, 2010 2:41 PM
> To: <pound(at)apsis.ch>
> Subject: Re: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> On Dec 31, 2010, at 4:27 AM, "Robert Segall" <roseg(at)apsis.ch> wrote:
> 
> I don't like many of the solutions that come to mind.
> 1) Wite our own fair/prioritized locking w/ linked lists or queues and
> use mutexes and condition variables to implement.
> 2) Find a C library that implements the semantics we need... Whether
> that's a hashtable or locking library depends on what we could find.
> 3) Write our own hashtable... For instance, mutex lock the fixed array,
> release once we find the collision chain... Have a mutex for each
> collision chain.  Then t_expire can lock by collision chain and limits
> the requests that are blocking at any given time.
> 4). Use better hardware :)
> 5)  Use distributed session tracking instead of tracking it in
> Pound....
> 
> For 5... Other load balancing appliances use a different approach...
> The load balancer itself generates a cookie to tag the sessions.  ( I
> wouldn't even consider param/url rewrites ). Semantics would be like
> this:
> A). In the config pick a cookie name, domain, expiration for the
> cookie,httponly flags etc.
> B). On each request, look for our cookie.  If it exists, use it to
> determine the backend to use.  Otherwise choose one randomly.  If the
> backend is down choose another.
> C). Add a set cookie header to every request that sets or resets our
> cookie. (thus updating the expiration time)
> 
> Using this method no database is necessary in pound.  The browser tells
> the load balancer where it belongs.  This has other cool benefits like
> you can kill and restart pound and other than the connectivity
> interruption, session affinity would be preserved.  And no concurrency
> issues because each request is autonomous.
> 
> Implicit in this is the ability to uniquely identify each backend...
> Either with a key inn the backend section in the config, or a hex
> representation of the sin_addr and port...
> 
> Might need to have this as an option so url/param LB is still an
> option.

--
To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
Please contact roseg(at)apsis.ch for questions.

--
To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
Please contact roseg(at)apsis.ch for questions.

> -----Original Message-----
> From: Steven van der Vegt [mailto:steven(at)echelon.nl]
> Sent: Wednesday, January 05, 2011 8:34 AM
> To: pound(at)apsis.ch
> Subject: RE: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> Hi Joe!
> 
> I like the idea! You also implemented it pretty quick!
> I tested you're implementation(not production) and it seems to work
> quite good.

Good to hear :)

> The only thing I wonder is, why not choose a property which you can
> deterministically extract a backend from. Like the clients ip for
> example. The decimal value, modulo the number of backends. Or a cookie,
> modulo the #backends etc.

I have issues with client ip specifically... Pools of proxy servers with
different ips, mobile devices that might jump ips frequently, and the case of
internal clients where the ips might not be significantly different.

The main reason not to do this in my opinion is it won't allow for a proper
load balance.  If you have 5 backends and yournet.10 and yournet.20 are your
biggest talkers, they'll both be assigned to the same backend.  Even worse, if
a backend dies, what do you do?  If your number of backends decreases you will
remap a lot of your sessions.  If you don't decrease your modulo, you have to
deterministically figure out a replacement backend, which will likely overload
one or more of them.

Session type IP in pound works with client ips, but it's still using the
session database to ensure an equal load balance.

At least going with a cookie like this, Pound is deciding where to place the
requests.  It can do so based on the same logic as using a session database, it
can handle dead and disabled servers properly, and the backend assignment will
be as fair as usual.  (Using dynscale or not, depending on your config)

Joe

I wouldn't even consider it for anything other than UNIX domain sockets.  Even
so, I'm not sure adding another network based call-response protocol to every
request is going to solve any of our problems.  I would think local memory and
synchronization, even with locking, would be faster.  Then again, without
proper benchmarking I can't be sure. :)

Since my patch will allow creation of sessions even when the client doesn't
give one, you might want to rerun your benchmarking w/ ab.  

Joe

> -----Original Message-----
> From: Steven van der Vegt [mailto:steven(at)echelon.nl]
> Sent: Wednesday, January 05, 2011 9:24 AM
> To: pound(at)apsis.ch
> Subject: RE: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> Just something that came to mind: what about using memcached? You can
> provide an expire parameter. This invalidates old items automatically.
> 

On 1/7/2011 4:00 PM, Nelson Pereira wrote:
> Not sure if pound can do this but here is what i need to do:
> web1.mydomain.com resolves to 209.5.5.5 which is my public IP on the
> external side of my router. Router is setup to forward (port forwarding) all
> port 80 based traffic to internal ip 192.168.1.10 (my PVE system) which I
> want that server to lookup the request, and for web1 forward to
> 192.168.1.101, for web2 to .102 etc.... Can pound do this and if so, how
> should it be configured and what is the configuration file?
> Is there a web GUI to configure pound?

Yes, you want to use the 'HeadRequire' directive.  You should follow the 
example on apsis.ch/pound under the section "VIRTUAL HOSTS (IN 
GENERAL)".  I believe that describes what you want.

You get to choose your favorite text editor as the gui for configuring 
pound.  :)

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

Ok, but how do you configure it and how is it called? I can install it
on a ubuntu 10.10 server, any special package requirement? Is there a
debian packe available for pound?

Sent from my iPhone4 on IOS4

On Jan 7, 2011, at 4:17 PM, Dave Steinberg <dave(at)redterror.net> wrote:

> On 1/7/2011 4:00 PM, Nelson Pereira wrote:
>> Not sure if pound can do this but here is what i need to do:
>> web1.mydomain.com resolves to 209.5.5.5 which is my public IP on the
>> external side of my router. Router is setup to forward (port forwarding) all
>> port 80 based traffic to internal ip 192.168.1.10 (my PVE system) which I
>> want that server to lookup the request, and for web1 forward to
>> 192.168.1.101, for web2 to .102 etc.... Can pound do this and if so, how
>> should it be configured and what is the configuration file?
>> Is there a web GUI to configure pound?
>
> Yes, you want to use the 'HeadRequire' directive.  You should follow the
example on apsis.ch/pound under the section "VIRTUAL HOSTS (IN GENERAL)".  I
believe that describes what you want.
>
> You get to choose your favorite text editor as the gui for configuring pound.
 :)
>
> Regards,
> --
> Dave Steinberg
> http://www.geekisp.com/
> http://www.steinbergcomputing.com/
> http://www.redterror.net/
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

2.4.3 is available in Lenny, 2.5 is available in squeeze and sid.

Joe

> -----Original Message-----
> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> Sent: Friday, January 07, 2011 4:34 PM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] Question on setup
> 
> Ok, but how do you configure it and how is it called? I can install it
> on a ubuntu 10.10 server, any special package requirement? Is there a
> debian packe available for pound?
> 
> Sent from my iPhone4 on IOS4
> 
> On Jan 7, 2011, at 4:17 PM, Dave Steinberg <dave(at)redterror.net> wrote:
> 
> > On 1/7/2011 4:00 PM, Nelson Pereira wrote:
> >> Not sure if pound can do this but here is what i need to do:
> >> web1.mydomain.com resolves to 209.5.5.5 which is my public IP on the
> >> external side of my router. Router is setup to forward (port
> forwarding) all
> >> port 80 based traffic to internal ip 192.168.1.10 (my PVE system)
> which I
> >> want that server to lookup the request, and for web1 forward to
> >> 192.168.1.101, for web2 to .102 etc.... Can pound do this and if so,
> how
> >> should it be configured and what is the configuration file?
> >> Is there a web GUI to configure pound?
> >
> > Yes, you want to use the 'HeadRequire' directive.  You should follow
> the example on apsis.ch/pound under the section "VIRTUAL HOSTS (IN
> GENERAL)".  I believe that describes what you want.
> >
> > You get to choose your favorite text editor as the gui for
> configuring pound.  :)
> >
> > Regards,
> > --
> > Dave Steinberg
> > http://www.geekisp.com/
> > http://www.steinbergcomputing.com/
> > http://www.redterror.net/
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

So no lucid support?

Sent from my iPhone4 on IOS4

On Jan 7, 2011, at 4:47 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:

> 2.4.3 is available in Lenny, 2.5 is available in squeeze and sid.
>
> Joe
>
>> -----Original Message-----
>> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
>> Sent: Friday, January 07, 2011 4:34 PM
>> To: pound(at)apsis.ch
>> Subject: Re: [Pound Mailing List] Question on setup
>>
>> Ok, but how do you configure it and how is it called? I can install it
>> on a ubuntu 10.10 server, any special package requirement? Is there a
>> debian packe available for pound?
>>
>> Sent from my iPhone4 on IOS4
>>
>> On Jan 7, 2011, at 4:17 PM, Dave Steinberg <dave(at)redterror.net> wrote:
>>
>>> On 1/7/2011 4:00 PM, Nelson Pereira wrote:
>>>> Not sure if pound can do this but here is what i need to do:
>>>> web1.mydomain.com resolves to 209.5.5.5 which is my public IP on the
>>>> external side of my router. Router is setup to forward (port
>> forwarding) all
>>>> port 80 based traffic to internal ip 192.168.1.10 (my PVE system)
>> which I
>>>> want that server to lookup the request, and for web1 forward to
>>>> 192.168.1.101, for web2 to .102 etc.... Can pound do this and if so,
>> how
>>>> should it be configured and what is the configuration file?
>>>> Is there a web GUI to configure pound?
>>>
>>> Yes, you want to use the 'HeadRequire' directive.  You should follow
>> the example on apsis.ch/pound under the section "VIRTUAL HOSTS (IN
>> GENERAL)".  I believe that describes what you want.
>>>
>>> You get to choose your favorite text editor as the gui for
>> configuring pound.  :)
>>>
>>> Regards,
>>> --
>>> Dave Steinberg
>>> http://www.geekisp.com/
>>> http://www.steinbergcomputing.com/
>>> http://www.redterror.net/
>>>
>>> --
>>> To unsubscribe send an email with subject unsubscribe to
>> pound(at)apsis.ch.
>>> Please contact roseg(at)apsis.ch for questions.
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to
>> pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

The pound project does not package a binary at all.  Any packaging support
would be done by external maintainers.  I merely provided the Debian
information because I run Debian and could run apt-cache policy.

A 10sec google search yields that 2.4.5 is available in lucid.
http://packages.ubuntu.com/lucid/pound

There's apparently further ubuntu documentation here:
https://help.ubuntu.com/community/Pound

Which I believe just about covers what you're asking... Since the example has
multiple backends and illustrates the HeadRequire directive.

Joe

> -----Original Message-----
> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> Sent: Friday, January 07, 2011 4:50 PM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] Question on setup
> 
> So no lucid support?
> 
> Sent from my iPhone4 on IOS4
> 
> On Jan 7, 2011, at 4:47 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:
> 
> > 2.4.3 is available in Lenny, 2.5 is available in squeeze and sid.
> >
> > Joe
> >
> >> -----Original Message-----
> >> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> >> Sent: Friday, January 07, 2011 4:34 PM
> >> To: pound(at)apsis.ch
> >> Subject: Re: [Pound Mailing List] Question on setup
> >>
> >> Ok, but how do you configure it and how is it called? I can install
> it
> >> on a ubuntu 10.10 server, any special package requirement? Is there
> a
> >> debian packe available for pound?
> >>
> >> Sent from my iPhone4 on IOS4
> >>
> >> On Jan 7, 2011, at 4:17 PM, Dave Steinberg <dave(at)redterror.net>
> wrote:
> >>
> >>> On 1/7/2011 4:00 PM, Nelson Pereira wrote:
> >>>> Not sure if pound can do this but here is what i need to do:
> >>>> web1.mydomain.com resolves to 209.5.5.5 which is my public IP on
> the
> >>>> external side of my router. Router is setup to forward (port
> >> forwarding) all
> >>>> port 80 based traffic to internal ip 192.168.1.10 (my PVE system)
> >> which I
> >>>> want that server to lookup the request, and for web1 forward to
> >>>> 192.168.1.101, for web2 to .102 etc.... Can pound do this and if
> so,
> >> how
> >>>> should it be configured and what is the configuration file?
> >>>> Is there a web GUI to configure pound?
> >>>
> >>> Yes, you want to use the 'HeadRequire' directive.  You should
> follow
> >> the example on apsis.ch/pound under the section "VIRTUAL HOSTS (IN
> >> GENERAL)".  I believe that describes what you want.
> >>>
> >>> You get to choose your favorite text editor as the gui for
> >> configuring pound.  :)
> >>>
> >>> Regards,
> >>> --
> >>> Dave Steinberg
> >>> http://www.geekisp.com/
> >>> http://www.steinbergcomputing.com/
> >>> http://www.redterror.net/
> >>>
> >>> --
> >>> To unsubscribe send an email with subject unsubscribe to
> >> pound(at)apsis.ch.
> >>> Please contact roseg(at)apsis.ch for questions.
> >>
> >> --
> >> To unsubscribe send an email with subject unsubscribe to
> >> pound(at)apsis.ch.
> >> Please contact roseg(at)apsis.ch for questions.
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Thanks joe ill check it out

Sent from my iPhone4 on IOS4

On Jan 7, 2011, at 5:06 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:

> The pound project does not package a binary at all.  Any packaging support
would be done by external maintainers.  I merely provided the Debian
information because I run Debian and could run apt-cache policy.
>
> A 10sec google search yields that 2.4.5 is available in lucid.
> http://packages.ubuntu.com/lucid/pound
>
> There's apparently further ubuntu documentation here:
> https://help.ubuntu.com/community/Pound
>
> Which I believe just about covers what you're asking... Since the example has
multiple backends and illustrates the HeadRequire directive.
>
> Joe
>
>> -----Original Message-----
>> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
>> Sent: Friday, January 07, 2011 4:50 PM
>> To: pound(at)apsis.ch
>> Subject: Re: [Pound Mailing List] Question on setup
>>
>> So no lucid support?
>>
>> Sent from my iPhone4 on IOS4
>>
>> On Jan 7, 2011, at 4:47 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:
>>
>>> 2.4.3 is available in Lenny, 2.5 is available in squeeze and sid.
>>>
>>> Joe
>>>
>>>> -----Original Message-----
>>>> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
>>>> Sent: Friday, January 07, 2011 4:34 PM
>>>> To: pound(at)apsis.ch
>>>> Subject: Re: [Pound Mailing List] Question on setup
>>>>
>>>> Ok, but how do you configure it and how is it called? I can install
>> it
>>>> on a ubuntu 10.10 server, any special package requirement? Is there
>> a
>>>> debian packe available for pound?
>>>>
>>>> Sent from my iPhone4 on IOS4
>>>>
>>>> On Jan 7, 2011, at 4:17 PM, Dave Steinberg <dave(at)redterror.net>
>> wrote:
>>>>
>>>>> On 1/7/2011 4:00 PM, Nelson Pereira wrote:
>>>>>> Not sure if pound can do this but here is what i need to do:
>>>>>> web1.mydomain.com resolves to 209.5.5.5 which is my public IP on
>> the
>>>>>> external side of my router. Router is setup to forward (port
>>>> forwarding) all
>>>>>> port 80 based traffic to internal ip 192.168.1.10 (my PVE system)
>>>> which I
>>>>>> want that server to lookup the request, and for web1 forward to
>>>>>> 192.168.1.101, for web2 to .102 etc.... Can pound do this and if
>> so,
>>>> how
>>>>>> should it be configured and what is the configuration file?
>>>>>> Is there a web GUI to configure pound?
>>>>>
>>>>> Yes, you want to use the 'HeadRequire' directive.  You should
>> follow
>>>> the example on apsis.ch/pound under the section "VIRTUAL HOSTS (IN
>>>> GENERAL)".  I believe that describes what you want.
>>>>>
>>>>> You get to choose your favorite text editor as the gui for
>>>> configuring pound.  :)
>>>>>
>>>>> Regards,
>>>>> --
>>>>> Dave Steinberg
>>>>> http://www.geekisp.com/
>>>>> http://www.steinbergcomputing.com/
>>>>> http://www.redterror.net/
>>>>>
>>>>> --
>>>>> To unsubscribe send an email with subject unsubscribe to
>>>> pound(at)apsis.ch.
>>>>> Please contact roseg(at)apsis.ch for questions.
>>>>
>>>> --
>>>> To unsubscribe send an email with subject unsubscribe to
>>>> pound(at)apsis.ch.
>>>> Please contact roseg(at)apsis.ch for questions.
>>>
>>> --
>>> To unsubscribe send an email with subject unsubscribe to
>> pound(at)apsis.ch.
>>> Please contact roseg(at)apsis.ch for questions.
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to
>> pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

ok instaled it and configured the pound.cfg and also changed the
/etc/default/pound with startup=1

then I start pound and get
Starting reverse proxy and load balancer: poundstarting...
 failed!
in my syslog says
  Jan 7 18:25:01  cron 32544  (root) CMD
(/usr/share/vzctl/scripts/vpsnetclean) Jan 7 18:25:18  proxwww 32594  Starting
new child 32594 Jan 7 18:25:24  proxwww 32601  Starting new child 32601 Jan
7 18:26:21  proxwww 32681  Starting new child 32681 Jan 7 18:26:51  proxwww
32711  Starting new child 32711 Jan 7 18:27:24  proxwww 300  Starting new
child 300 Jan 7 18:27:34  proxwww 331  Starting new child 331 Jan 7
18:28:02  proxwww 331  update ticket Jan 7 18:28:21  proxwww 388  Starting
new child 388 Jan 7 18:29:47  proxwww 479  Starting new child 479 Jan 7
18:29:57  proxwww 493  Starting new child 493 Jan 7 18:30:01  cron 502  (root)
CMD (/usr/share/vzctl/scripts/vpsreboot) Jan 7 18:30:01  cron 503  (root)
CMD (/usr/share/vzctl/scripts/vpsnetclean) Jan 7 18:30:01  cron 504  (root)
CMD (test -x /usr/lib/atsar/atsa1 && /usr/lib/atsar/atsa1) Jan 7 18:30:51
proxwww 592  Starting new child 592 Jan 7 18:31:01  proxwww 614  Starting
new child 614 Jan 7 18:31:43  proxwww 727  Starting new child 727 Jan 7
18:32:04  proxwww 772  Starting new child 772 Jan 7 18:32:49  proxwww
833  Starting
new child 833 Jan 7 18:33:28  proxwww 873  Starting new child 873 Jan 7
18:33:31  proxwww 877  Starting new child 877 Jan 7 18:34:31  proxwww
943  Starting
new child 943 Jan 7 18:35:01  cron 982  (root) CMD
(/usr/share/vzctl/scripts/vpsreboot) Jan 7 18:35:01  cron 983  (root) CMD
(/usr/share/vzctl/scripts/vpsnetclean) Jan 7 18:35:03  proxwww 1001  Starting
new child 1001 Jan 7 18:35:17  proxwww 1084  Starting new child 1084 Jan 7
18:36:01  proxwww 1149  Starting new child 1149 Jan 7 18:36:20  proxwww
1192  Starting new child 1192 Jan 7 18:36:51  pvedaemon 2604  worker 31947
finished Jan 7 18:36:51  pvedaemon 2604  starting 1 worker(s) Jan 7
18:36:51  pvedaemon 2604  worker 1225 started Jan 7 18:37:03  proxwww
1238  Starting
new child 1238 Jan 7 18:37:24  proxwww 1273  Starting new child 1273 Jan 7
18:38:05  pound   HTTP socket bind 127.0.0.1:80: Address already in use -
aborted Jan 7 18:38:06  pvedaemon 2604  worker 31976 finished Jan 7
18:38:06  pvedaemon 2604  starting 1 worker(s) Jan 7 18:38:06  pvedaemon
2604  worker 1341 started Jan 7 18:38:09  proxwww 1345  Starting new child
1345 Jan 7 18:38:19  proxwww 1356  Starting new child 1356 Jan 7 18:39:15
proxwww 1423  Starting new child 1423 Jan 7 18:39:22  proxwww 1431  Starting
new child 1431 Jan 7 18:39:33  proxwww 1423  update ticket Jan 7 18:40:01
cron 1461  (root) CMD (/usr/share/vzctl/scripts/vpsreboot) Jan 7 18:40:01
cron 1462  (root) CMD (/usr/share/vzctl/scripts/vpsnetclean) Jan 7 18:40:01
cron 1463  (root) CMD (test -x /usr/lib/atsar/atsa1 &&
/usr/lib/atsar/atsa1) Jan
7 18:40:13  proxwww 1496  Starting new child 1496 Jan 7 18:40:46  pound   HTTP
socket bind 192.168.1.10:80: Address already in use - aborted Jan 7
18:40:46  proxwww 1553  Starting new child 1553 Jan 7 18:41:18  proxwww
1607  Starting new child 1607 Jan 7 18:41:53  proxwww 1640  Starting new
child 1640 Jan 7 18:42:00  proxwww 1648  Starting new child 1648 Jan 7
18:42:59  proxwww 1706  Starting new child 1706 Jan 7 18:43:14  proxwww
1728  Starting new child 1728 Jan 7 18:44:06  proxwww 1784  Starting new
child 1784 Jan 7 18:44:21  proxwww 1798  Starting new child 1798 Jan 7
18:45:01  cron 1842  (root) CMD (/usr/share/vzctl/scripts/vpsreboot) Jan 7
18:45:01  cron 1843  (root) CMD (/usr/share/vzctl/scripts/vpsnetclean) Jan 7
18:45:12  ntpd 2797  synchronized to 216.93.242.10, stratum 2 Jan 7
18:45:12  ntpd 2797  kernel time sync status change 4001 Jan 7 18:45:13
proxwww 1877  Starting new child 1877 Jan 7 18:45:14  proxwww 1879  Starting
new child 1879 Jan 7 18:45:14  proxwww 1880  Starting new child 1880 Jan 7
18:46:21  proxwww 1962  Starting new child 1962 Jan 7 18:46:39  proxwww
2006  Starting new child 2006 Jan 7 18:47:10  proxwww 2038  Starting new
child 2038 Jan 7 18:48:00  proxwww 2086  Starting new child 2086 Jan 7
18:48:01  proxwww 2088  Starting new child 2088 Jan 7 18:48:01  proxwww
2087  Starting new child 2087 Jan 7 18:49:07  proxwww 2153  Starting new
child 2153 Jan 7 18:49:16  proxwww 2164  Starting new child 2164 Jan 7
18:50:01  cron 2211  (root) CMD (/usr/share/vzctl/scripts/vpsnetclean) Jan 7
18:50:01  cron 2213  (root) CMD (/usr/share/vzctl/scripts/vpsreboot) Jan 7
18:50:01  cron 2212  (root) CMD (test -x /usr/lib/atsar/atsa1 &&
/usr/lib/atsar/atsa1) Jan 7 18:50:07  proxwww 2241  Starting new child 2241 Jan
7 18:50:28  proxwww 2262  Starting new child 2262 Jan 7 18:51:10  proxwww
2321  Starting new child 2321 Jan 7 18:51:53  proxwww 2388  Starting new
child 2388 Jan 7 18:52:26  proxwww 2427  Starting new child 2427 Jan 7
18:52:32  proxwww 2435  Starting new child 2435 Jan 7 18:53:32  proxwww
2492  Starting new child 2492 Jan 7 18:53:46  proxwww 2508  Starting new
child 2508 Jan 7 18:54:38  proxwww 2557  Starting new child 2557 Jan 7
18:54:41  proxwww 2560  Starting new child 2560 Jan 7 18:55:01  cron
2583  (root)
CMD (/usr/share/vzctl/scripts/vpsreboot) Jan 7 18:55:01  cron 2584  (root)
CMD (/usr/share/vzctl/scripts/vpsnetclean) Jan 7 18:55:45  proxwww
2646  Starting
new child 2646 Jan 7 18:55:55  proxwww 2657  Starting new child 2657 Jan 7
18:56:51  proxwww 2868  Starting new child 2868 Jan 7 18:57:18  proxwww
2894  Starting new child 2894 Jan 7 18:57:57  proxwww 2933  Starting new
child 2933 Jan 7 18:58:30  proxwww 2976  Starting new child 2976 Jan 7
18:58:32  proxwww 2978  Starting new child 2978 Jan 7 18:58:49  pound   HTTP
socket bind 192.168.1.10:80: Address already in use - aborted Jan 7
18:59:36  proxwww 3050  Starting new child 3050 Jan 7 19:00:01  cron
3076  (root)
CMD (/usr/share/vzctl/scripts/vpsnetclean) Jan 7 19:00:01  cron 3077  (root)
CMD (test -x /usr/lib/atsar/atsa1 && /usr/lib/atsar/atsa1) Jan 7 19:00:01
cron 3078  (root) CMD (/usr/share/vzctl/scripts/vpsreboot) Jan 7 19:00:09
proxwww 3108  Starting new child 3108 Jan 7 19:00:10  proxwww 3109  Starting
new child 3109 Jan 7 19:00:10  proxwww 3110  Starting new child 3110

Jan  7 18:58:49 proxmox pound: HTTP socket bind 192.168.1.10:80: Address
already in use - aborted
Jan  7 18:59:36 proxmox proxwww[3050]: Starting new child 3050
Jan  7 19:00:09 proxmox proxwww[3108]: Starting new child 3108
Jan  7 19:00:10 proxmox proxwww[3109]: Starting new child 3109
Jan  7 19:00:10 proxmox proxwww[3110]: Starting new child 3110

It does not seem to work... I dont see any traffic comming in.

Yet:
proxmox:/etc/pound# /etc/init.d/pound status
pound is running.


On Fri, Jan 7, 2011 at 5:08 PM, Nelson Pereira <kitkat0981(at)gmail.com> wrote:

> Thanks joe ill check it out
>
> Sent from my iPhone4 on IOS4
>
>  On Jan 7, 2011, at 5:06 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:
>
> > The pound project does not package a binary at all.  Any packaging
> support would be done by external maintainers.  I merely provided the Debian
> information because I run Debian and could run apt-cache policy.
> >
> > A 10sec google search yields that 2.4.5 is available in lucid.
> > http://packages.ubuntu.com/lucid/pound
> >
> > There's apparently further ubuntu documentation here:
> > https://help.ubuntu.com/community/Pound
> >
> > Which I believe just about covers what you're asking... Since the example
> has multiple backends and illustrates the HeadRequire directive.
> >
> > Joe
> >
> >> -----Original Message-----
> >> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> >> Sent: Friday, January 07, 2011 4:50 PM
> >> To: pound(at)apsis.ch
> >> Subject: Re: [Pound Mailing List] Question on setup
> >>
> >> So no lucid support?
> >>
> >> Sent from my iPhone4 on IOS4
> >>
> >> On Jan 7, 2011, at 4:47 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:
> >>
> >>> 2.4.3 is available in Lenny, 2.5 is available in squeeze and sid.
> >>>
> >>> Joe
> >>>
> >>>> -----Original Message-----
> >>>> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> >>>> Sent: Friday, January 07, 2011 4:34 PM
> >>>> To: pound(at)apsis.ch
> >>>> Subject: Re: [Pound Mailing List] Question on setup
> >>>>
> >>>> Ok, but how do you configure it and how is it called? I can install
> >> it
> >>>> on a ubuntu 10.10 server, any special package requirement? Is there
> >> a
> >>>> debian packe available for pound?
> >>>>
> >>>> Sent from my iPhone4 on IOS4
> >>>>
> >>>> On Jan 7, 2011, at 4:17 PM, Dave Steinberg <dave(at)redterror.net>
> >> wrote:
> >>>>
> >>>>> On 1/7/2011 4:00 PM, Nelson Pereira wrote:
> >>>>>> Not sure if pound can do this but here is what i need to do:
> >>>>>> web1.mydomain.com resolves to 209.5.5.5 which is my public IP on
> >> the
> >>>>>> external side of my router. Router is setup to forward (port
> >>>> forwarding) all
> >>>>>> port 80 based traffic to internal ip 192.168.1.10 (my PVE system)
> >>>> which I
> >>>>>> want that server to lookup the request, and for web1 forward to
> >>>>>> 192.168.1.101, for web2 to .102 etc.... Can pound do this and if
> >> so,
> >>>> how
> >>>>>> should it be configured and what is the configuration file?
> >>>>>> Is there a web GUI to configure pound?
> >>>>>
> >>>>> Yes, you want to use the 'HeadRequire' directive.  You should
> >> follow
> >>>> the example on apsis.ch/pound under the section "VIRTUAL HOSTS (IN
> >>>> GENERAL)".  I believe that describes what you want.
> >>>>>
> >>>>> You get to choose your favorite text editor as the gui for
> >>>> configuring pound.  :)
> >>>>>
> >>>>> Regards,
> >>>>> --
> >>>>> Dave Steinberg
> >>>>> http://www.geekisp.com/
> >>>>> http://www.steinbergcomputing.com/
> >>>>> http://www.redterror.net/
> >>>>>
> >>>>> --
> >>>>> To unsubscribe send an email with subject unsubscribe to
> >>>> pound(at)apsis.ch.
> >>>>> Please contact roseg(at)apsis.ch for questions.
> >>>>
> >>>> --
> >>>> To unsubscribe send an email with subject unsubscribe to
> >>>> pound(at)apsis.ch.
> >>>> Please contact roseg(at)apsis.ch for questions.
> >>>
> >>> --
> >>> To unsubscribe send an email with subject unsubscribe to
> >> pound(at)apsis.ch.
> >>> Please contact roseg(at)apsis.ch for questions.
> >>
> >> --
> >> To unsubscribe send an email with subject unsubscribe to
> >> pound(at)apsis.ch.
> >> Please contact roseg(at)apsis.ch for questions.
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>

Can anyone help me in setting up https ?

I really need help on this please.

How do I create a pem file and is my config bellow ok?


Thanks

On Jan 7, 2011, at 7:53 PM, Nelson Pereira wrote:

> Hi,
> 
> Got most of my hosts working now.
> 
> Although, im having problems with 2 webservers that actually use https
> 
> the first, you need to access https://web10.mydomain.com:10443
> the other is https://web20.mydomain.com:10000
> 
> I setup my service for https as:
> ListenHTTPS
>                  Address 192.168.1.104
>                  Port    443
>  End
> 
> the 2 services are as follows:
> 
>        Service
>                HeadRequire "Host:.*web10.mydomain.com.*"
>                BackEnd
>                        Address 192.168.1.10
>                        Port    10443
>                End
>        End
>         Service
>                HeadRequire "Host:.*web20.mydomain.com.*"
>                BackEnd
>                        Address 192.168.1.5
>                        Port    10000
>                End
>        End
> 
> it's not working... am i doing this wrong?
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

On 1/8/2011 6:05 PM, nelson pereira wrote:
> Can anyone help me in setting up https ?
>
> I really need help on this please.
>
> How do I create a pem file and is my config bellow ok?

A pem format file is just:

$ cat server.key server.crt intermediate-certs > server.pem

If you have no intermediate certs, then obviously omit that.

Regarding the rest of your config, I believe you need a directive to 
tell pound to talk to the backends over https, assuming that's what you 
want.  I don't use that feature, so I'll have to refer you to the man 
page for the specifics.

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

but how do i create the server.key and server.crt?

thanks




On Jan 8, 2011, at 6:47 PM, Dave Steinberg wrote:

> On 1/8/2011 6:05 PM, nelson pereira wrote:
>> Can anyone help me in setting up https ?
>> 
>> I really need help on this please.
>> 
>> How do I create a pem file and is my config bellow ok?
> 
> A pem format file is just:
> 
> $ cat server.key server.crt intermediate-certs > server.pem
> 
> If you have no intermediate certs, then obviously omit that.
> 
> Regarding the rest of your config, I believe you need a directive to tell
pound to talk to the backends over https, assuming that's what you want.  I
don't use that feature, so I'll have to refer you to the man page for the
specifics.
> 
> Regards,
> -- 
> Dave Steinberg
> http://www.geekisp.com/
> http://www.steinbergcomputing.com/
> http://www.redterror.net/
> 
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

On Sat, 2011-01-08 at 19:59 -0500, nelson pereira wrote:
> but how do i create the server.key and server.crt?

http://www.google.com/search?q=how+do+i+create+the+server.key+and+server.crt

ok, so now that I have my server.pem file created and copied to /etc/pound
what does my pound.cfg file should look like to enable HTTPS ?





> On Sat, 2011-01-08 at 19:59 -0500, nelson pereira wrote:
> > but how do i create the server.key and server.crt?
>
>
> http://www.google.com/search?q=how+do+i+create+the+server.key+and+server.crt
>
>
>
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>

got it, just had to add the Cert "/etc/pound/server.pem"

Restarted pound and started ok. But when I go to my
https://web1.mydomain.com i get this error in syslog:

Jan  9 22:06:20 pound pound: (b737fb70) e500 can't read header
Jan  9 22:06:20 pound pound: (b737fb70) e500 response error read from
192.168.1.10:443/GET / HTTP/1.1: Success (0.001 secs)




On Sun, Jan 9, 2011 at 5:02 PM, Nelson Pereira <kitkat0981(at)gmail.com> wrote:

> ok, so now that I have my server.pem file created and copied to /etc/pound
> what does my pound.cfg file should look like to enable HTTPS ?
>
>
>
>
>
>> On Sat, 2011-01-08 at 19:59 -0500, nelson pereira wrote:
>> > but how do i create the server.key and server.crt?
>>
>>
>> http://www.google.com/search?q=how+do+i+create+the+server.key+and+server.crt
>>
>>
>>
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
>>
>
>

On 1/9/2011 5:02 PM, Nelson Pereira wrote:
> ok, so now that I have my server.pem file created and copied to /etc/pound
> what does my pound.cfg file should look like to enable HTTPS ?

You're looking for the 'HTTPS Listener' section of the man page.  Roughly:

ListenHTTPS
         Address A.B.C.D
         Port 443
         Cert "/path/to/my/pem"
End

Put any service definitions you want in there, or just keep them global 
(my preference).

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

On 1/9/2011 5:07 PM, Nelson Pereira wrote:
> got it, just had to add the Cert "/etc/pound/server.pem"
>
> Restarted pound and started ok. But when I go to my
> https://web1.mydomain.com i get this error in syslog:
>
> Jan  9 22:06:20 pound pound: (b737fb70) e500 can't read header
> Jan  9 22:06:20 pound pound: (b737fb70) e500 response error read from
> 192.168.1.10:443/GET / HTTP/1.1: Success (0.001 secs)

I'm not immediately familiar with this error, but let's see the full 
config where it is now.  My guess is that you need "HTTPS" specified in 
the backend definition, since normally pound talks to the backends over 
regular HTTP.

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

done that, and the service looks like this:

        Service
                HeadRequire "Host:.*proxmox.mydomain.com.*"
                BackEnd
                        Address 192.168.1.10
                        Port    443
                End
        End

Yet I keep getting the logs in syslog:
can't read header
e500 response error read from 192.168.1.10:443/GET / HTTP/1.1: Success
(0.001 secs)

and then i get a page cannot be displayed.


On Sun, Jan 9, 2011 at 5:16 PM, Dave Steinberg <dave(at)redterror.net> wrote:

> On 1/9/2011 5:02 PM, Nelson Pereira wrote:
>
>> ok, so now that I have my server.pem file created and copied to /etc/pound
>> what does my pound.cfg file should look like to enable HTTPS ?
>>
>
> You're looking for the 'HTTPS Listener' section of the man page.  Roughly:
>
> ListenHTTPS
>        Address A.B.C.D
>        Port 443
>        Cert "/path/to/my/pem"
> End
>
> Put any service definitions you want in there, or just keep them global (my
> preference).
>
>
> Regards,
> --
> Dave Steinberg
> http://www.geekisp.com/
> http://www.steinbergcomputing.com/
> http://www.redterror.net/
>
> --
>  To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>

On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> done that, and the service looks like this:
>
>          Service
>                  HeadRequire "Host:.*proxmox.mydomain.com.*"
>                  BackEnd
>                          Address 192.168.1.10
>                          Port    443
>                  End
>          End
>
> Yet I keep getting the logs in syslog:
> can't read header
> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1: Success
> (0.001 secs)
>
> and then i get a page cannot be displayed.

Try adding "HTTPS" to the backend directive.  I'm not 100% sure of the 
syntax there, I think its literally a bareword as in:

BackEnd
	Address 192...
	Port 443
	HTTPS
End

That will tell pound to talk https to the backend.  I don't use that 
myself so I can't advise precisely how it should look, but play around 
with it or maybe check the archives to see if there are examples.

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

adding HTTPS to the backend did not help.

When restarting, pound complains with :

unknown directive "			HTTPS" - aborted

has anyone gotten pound to handle https on the backend also?

This is specifically for webmin that is running on a server which i want
accessible using webmin.mydomain.com
I also have a proxmox server that only communicates with https, which i want
accessible using https://proxmox.mydomain.com








On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:

> On 1/9/2011 5:25 PM, Nelson Pereira wrote:
>> done that, and the service looks like this:
>> 
>>         Service
>>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
>>                 BackEnd
>>                         Address 192.168.1.10
>>                         Port    443
>>                 End
>>         End
>> 
>> Yet I keep getting the logs in syslog:
>> can't read header
>> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1: Success
>> (0.001 secs)
>> 
>> and then i get a page cannot be displayed.
> 
> Try adding "HTTPS" to the backend directive.  I'm not 100% sure of the syntax
there, I think its literally a bareword as in:
> 
> BackEnd
> 	Address 192...
> 	Port 443
> 	HTTPS
> End
> 
> That will tell pound to talk https to the backend.  I don't use that myself
so I can't advise precisely how it should look, but play around with it or
maybe check the archives to see if there are examples.
> 
> Regards,
> -- 
> Dave Steinberg
> http://www.geekisp.com/
> http://www.steinbergcomputing.com/
> http://www.redterror.net/
> 
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

does pound do https to https backend?

I think this is something proxmox does not actualy do.. am i wrong?

Nelson

On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:

> On 1/9/2011 5:25 PM, Nelson Pereira wrote:
>> done that, and the service looks like this:
>> 
>>         Service
>>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
>>                 BackEnd
>>                         Address 192.168.1.10
>>                         Port    443
>>                 End
>>         End
>> 
>> Yet I keep getting the logs in syslog:
>> can't read header
>> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1: Success
>> (0.001 secs)
>> 
>> and then i get a page cannot be displayed.
> 
> Try adding "HTTPS" to the backend directive.  I'm not 100% sure of the syntax
there, I think its literally a bareword as in:
> 
> BackEnd
> 	Address 192...
> 	Port 443
> 	HTTPS
> End
> 
> That will tell pound to talk https to the backend.  I don't use that myself
so I can't advise precisely how it should look, but play around with it or
maybe check the archives to see if there are examples.
> 
> Regards,
> -- 
> Dave Steinberg
> http://www.geekisp.com/
> http://www.steinbergcomputing.com/
> http://www.redterror.net/
> 
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Support for HTTPS backends was added in Pound 2.5c.

You configure in a backend group by using the HTTPS Directive.  From the Pound
manual page:

BackEnd
       A back-end is a definition of a single back-end server Pound will use to
reply to incoming requests.  All configuration directives enclosed between
BackEnd and End
       are specific to a single service. The following directives are
available:

       Address address
              The address that Pound will connect to. This can be a numeric IP
address, or a symbolic host name that must be resolvable at run-time. If the
name cannot be
              resolved to a valid address, Pound will assume that it represents
the path for a Unix-domain socket. This is a mandatory parameter.

       Port port
              The port number that Pound will connect to. This is a mandatory
parameter for non Unix-domain back-ends.

       HTTPS [ "cert" ]
              The back-end is using HTTPS. If the optional parameter cert is
specified, Pound will present this certificate to the back-end.

       Priority val
              The  priority  of  this  back-end (between 1 and 9, 5 is
default). Higher priority back-ends will be used more often than lower priority
ones, so you should
              define higher priorities for more capable servers.

       TimeOut val
              Override the global TimeOut value.

       ConnTO val
              Override the global ConnTO value.

       HAport [ address ] port
              A port (and optional address) to be used for server function
checks. See below the "High Availability" section for a more detailed 
discussion.  By  default
              Pound  uses the same address as the back-end server, but you may
use a separate address if you wish. This directive applies only to non
Unix-domain servers.


Joe


> -----Original Message-----
> From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> Sent: Sunday, January 09, 2011 9:51 PM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] About https
> 
> does pound do https to https backend?
> 
> I think this is something proxmox does not actualy do.. am i wrong?
> 
> Nelson
> 
> On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> 
> > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> >> done that, and the service looks like this:
> >>
> >>         Service
> >>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
> >>                 BackEnd
> >>                         Address 192.168.1.10
> >>                         Port    443
> >>                 End
> >>         End
> >>
> >> Yet I keep getting the logs in syslog:
> >> can't read header
> >> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1:
> Success
> >> (0.001 secs)
> >>
> >> and then i get a page cannot be displayed.
> >
> > Try adding "HTTPS" to the backend directive.  I'm not 100% sure of
> the syntax there, I think its literally a bareword as in:
> >
> > BackEnd
> > 	Address 192...
> > 	Port 443
> > 	HTTPS
> > End
> >
> > That will tell pound to talk https to the backend.  I don't use that
> myself so I can't advise precisely how it should look, but play around
> with it or maybe check the archives to see if there are examples.
> >
> > Regards,
> > --
> > Dave Steinberg
> > http://www.geekisp.com/
> > http://www.steinbergcomputing.com/
> > http://www.redterror.net/
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

My version is :

root(at)pound:~# pound -V
starting...
Version 2.4.5
  Configuration switches:
    --enable-cert1l


i installed using apt-get, how do I upgrade to 2.5c as apt-get does not have
that release?

NP

On Mon, Jan 10, 2011 at 11:03 AM, Joe Gooch <mrwizard(at)k12system.com> wrote:

> Support for HTTPS backends was added in Pound 2.5c.
>
> You configure in a backend group by using the HTTPS Directive.  From the
> Pound manual page:
>
> BackEnd
>       A back-end is a definition of a single back-end server Pound will use
> to reply to incoming requests.  All configuration directives enclosed
> between BackEnd and End
>       are specific to a single service. The following directives are
> available:
>
>       Address address
>              The address that Pound will connect to. This can be a numeric
> IP address, or a symbolic host name that must be resolvable at run-time. If
> the name cannot be
>              resolved to a valid address, Pound will assume that it
> represents the path for a Unix-domain socket. This is a mandatory parameter.
>
>       Port port
>              The port number that Pound will connect to. This is a
> mandatory parameter for non Unix-domain back-ends.
>
>       HTTPS [ "cert" ]
>              The back-end is using HTTPS. If the optional parameter cert is
> specified, Pound will present this certificate to the back-end.
>
>       Priority val
>              The  priority  of  this  back-end (between 1 and 9, 5 is
> default). Higher priority back-ends will be used more often than lower
> priority ones, so you should
>              define higher priorities for more capable servers.
>
>       TimeOut val
>              Override the global TimeOut value.
>
>       ConnTO val
>              Override the global ConnTO value.
>
>       HAport [ address ] port
>              A port (and optional address) to be used for server function
> checks. See below the "High Availability" section for a more detailed
>  discussion.  By  default
>              Pound  uses the same address as the back-end server, but you
> may use a separate address if you wish. This directive applies only to non
> Unix-domain servers.
>
>
> Joe
>
>
> > -----Original Message-----
> > From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> > Sent: Sunday, January 09, 2011 9:51 PM
> > To: pound(at)apsis.ch
> > Subject: Re: [Pound Mailing List] About https
> >
> > does pound do https to https backend?
> >
> > I think this is something proxmox does not actualy do.. am i wrong?
> >
> > Nelson
> >
> > On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> >
> > > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> > >> done that, and the service looks like this:
> > >>
> > >>         Service
> > >>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
> > >>                 BackEnd
> > >>                         Address 192.168.1.10
> > >>                         Port    443
> > >>                 End
> > >>         End
> > >>
> > >> Yet I keep getting the logs in syslog:
> > >> can't read header
> > >> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1:
> > Success
> > >> (0.001 secs)
> > >>
> > >> and then i get a page cannot be displayed.
> > >
> > > Try adding "HTTPS" to the backend directive.  I'm not 100% sure of
> > the syntax there, I think its literally a bareword as in:
> > >
> > > BackEnd
> > >     Address 192...
> > >     Port 443
> > >     HTTPS
> > > End
> > >
> > > That will tell pound to talk https to the backend.  I don't use that
> > myself so I can't advise precisely how it should look, but play around
> > with it or maybe check the archives to see if there are examples.
> > >
> > > Regards,
> > > --
> > > Dave Steinberg
> > > http://www.geekisp.com/
> > > http://www.steinbergcomputing.com/
> > > http://www.redterror.net/
> > >
> > > --
> > > To unsubscribe send an email with subject unsubscribe to
> > pound(at)apsis.ch.
> > > Please contact roseg(at)apsis.ch for questions.
> >
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> > pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>

You would need to pull a pound 2.5 deb package (for instance from debian sid),
or compile pound yourself.  (Or at least compile pound and replace the pound
binary in /usr/sbin or wherever the package put it)

See http://www.apsis.ch/pound/index_html, installation section.

Joe


> -----Original Message-----
> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> Sent: Monday, January 10, 2011 11:18 AM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] About https
> 
> My version is :
> 
> root(at)pound:~# pound -V
> starting...
> Version 2.4.5
>   Configuration switches:
>     --enable-cert1l
> 
> 
> i installed using apt-get, how do I upgrade to 2.5c as apt-get does not
> have
> that release?
> 
> NP
> 
> On Mon, Jan 10, 2011 at 11:03 AM, Joe Gooch <mrwizard(at)k12system.com>
> wrote:
> 
> > Support for HTTPS backends was added in Pound 2.5c.
> >
> > You configure in a backend group by using the HTTPS Directive.  From
> the
> > Pound manual page:
> >
> > BackEnd
> >       A back-end is a definition of a single back-end server Pound
> will use
> > to reply to incoming requests.  All configuration directives enclosed
> > between BackEnd and End
> >       are specific to a single service. The following directives are
> > available:
> >
> >       Address address
> >              The address that Pound will connect to. This can be a
> numeric
> > IP address, or a symbolic host name that must be resolvable at run-
> time. If
> > the name cannot be
> >              resolved to a valid address, Pound will assume that it
> > represents the path for a Unix-domain socket. This is a mandatory
> parameter.
> >
> >       Port port
> >              The port number that Pound will connect to. This is a
> > mandatory parameter for non Unix-domain back-ends.
> >
> >       HTTPS [ "cert" ]
> >              The back-end is using HTTPS. If the optional parameter
> cert is
> > specified, Pound will present this certificate to the back-end.
> >
> >       Priority val
> >              The  priority  of  this  back-end (between 1 and 9, 5 is
> > default). Higher priority back-ends will be used more often than
> lower
> > priority ones, so you should
> >              define higher priorities for more capable servers.
> >
> >       TimeOut val
> >              Override the global TimeOut value.
> >
> >       ConnTO val
> >              Override the global ConnTO value.
> >
> >       HAport [ address ] port
> >              A port (and optional address) to be used for server
> function
> > checks. See below the "High Availability" section for a more detailed
> >  discussion.  By  default
> >              Pound  uses the same address as the back-end server, but
> you
> > may use a separate address if you wish. This directive applies only
> to non
> > Unix-domain servers.
> >
> >
> > Joe
> >
> >
> > > -----Original Message-----
> > > From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> > > Sent: Sunday, January 09, 2011 9:51 PM
> > > To: pound(at)apsis.ch
> > > Subject: Re: [Pound Mailing List] About https
> > >
> > > does pound do https to https backend?
> > >
> > > I think this is something proxmox does not actualy do.. am i wrong?
> > >
> > > Nelson
> > >
> > > On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> > >
> > > > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> > > >> done that, and the service looks like this:
> > > >>
> > > >>         Service
> > > >>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
> > > >>                 BackEnd
> > > >>                         Address 192.168.1.10
> > > >>                         Port    443
> > > >>                 End
> > > >>         End
> > > >>
> > > >> Yet I keep getting the logs in syslog:
> > > >> can't read header
> > > >> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1:
> > > Success
> > > >> (0.001 secs)
> > > >>
> > > >> and then i get a page cannot be displayed.
> > > >
> > > > Try adding "HTTPS" to the backend directive.  I'm not 100% sure
> of
> > > the syntax there, I think its literally a bareword as in:
> > > >
> > > > BackEnd
> > > >     Address 192...
> > > >     Port 443
> > > >     HTTPS
> > > > End
> > > >
> > > > That will tell pound to talk https to the backend.  I don't use
> that
> > > myself so I can't advise precisely how it should look, but play
> around
> > > with it or maybe check the archives to see if there are examples.
> > > >
> > > > Regards,
> > > > --
> > > > Dave Steinberg
> > > > http://www.geekisp.com/
> > > > http://www.steinbergcomputing.com/
> > > > http://www.redterror.net/
> > > >
> > > > --
> > > > To unsubscribe send an email with subject unsubscribe to
> > > pound(at)apsis.ch.
> > > > Please contact roseg(at)apsis.ch for questions.
> > >
> > >
> > > --
> > > To unsubscribe send an email with subject unsubscribe to
> > > pound(at)apsis.ch.
> > > Please contact roseg(at)apsis.ch for questions.
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> >
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

(I was really hoping that encoding issue was gone... oh well.)

You would need to pull a pound 2.5 deb package (for instance from debian sid),
or compile pound yourself.  (Or at least compile pound and replace the pound
binary in /usr/sbin or wherever the package put it)

See http://www.apsis.ch/pound/index_html, installation section.

Joe

> -----Original Message-----
> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> Sent: Monday, January 10, 2011 11:18 AM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] About https
> 
> My version is :
> 
> root(at)pound:~# pound -V
> starting...
> Version 2.4.5
>   Configuration switches:
>     --enable-cert1l
> 
> 
> i installed using apt-get, how do I upgrade to 2.5c as apt-get does not
> have
> that release?
> 
> NP
> 
> On Mon, Jan 10, 2011 at 11:03 AM, Joe Gooch <mrwizard(at)k12system.com>
> wrote:
> 
> > Support for HTTPS backends was added in Pound 2.5c.
> >
> > You configure in a backend group by using the HTTPS Directive.  From
> the
> > Pound manual page:
> >
> > BackEnd
> >       A back-end is a definition of a single back-end server Pound
> will use
> > to reply to incoming requests.  All configuration directives enclosed
> > between BackEnd and End
> >       are specific to a single service. The following directives are
> > available:
> >
> >       Address address
> >              The address that Pound will connect to. This can be a
> numeric
> > IP address, or a symbolic host name that must be resolvable at run-
> time. If
> > the name cannot be
> >              resolved to a valid address, Pound will assume that it
> > represents the path for a Unix-domain socket. This is a mandatory
> parameter.
> >
> >       Port port
> >              The port number that Pound will connect to. This is a
> > mandatory parameter for non Unix-domain back-ends.
> >
> >       HTTPS [ "cert" ]
> >              The back-end is using HTTPS. If the optional parameter
> cert is
> > specified, Pound will present this certificate to the back-end.
> >
> >       Priority val
> >              The  priority  of  this  back-end (between 1 and 9, 5 is
> > default). Higher priority back-ends will be used more often than
> lower
> > priority ones, so you should
> >              define higher priorities for more capable servers.
> >
> >       TimeOut val
> >              Override the global TimeOut value.
> >
> >       ConnTO val
> >              Override the global ConnTO value.
> >
> >       HAport [ address ] port
> >              A port (and optional address) to be used for server
> function
> > checks. See below the "High Availability" section for a more detailed
> >  discussion.  By  default
> >              Pound  uses the same address as the back-end server, but
> you
> > may use a separate address if you wish. This directive applies only
> to non
> > Unix-domain servers.
> >
> >
> > Joe
> >
> >
> > > -----Original Message-----
> > > From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> > > Sent: Sunday, January 09, 2011 9:51 PM
> > > To: pound(at)apsis.ch
> > > Subject: Re: [Pound Mailing List] About https
> > >
> > > does pound do https to https backend?
> > >
> > > I think this is something proxmox does not actualy do.. am i wrong?
> > >
> > > Nelson
> > >
> > > On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> > >
> > > > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> > > >> done that, and the service looks like this:
> > > >>
> > > >>         Service
> > > >>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
> > > >>                 BackEnd
> > > >>                         Address 192.168.1.10
> > > >>                         Port    443
> > > >>                 End
> > > >>         End
> > > >>
> > > >> Yet I keep getting the logs in syslog:
> > > >> can't read header
> > > >> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1:
> > > Success
> > > >> (0.001 secs)
> > > >>
> > > >> and then i get a page cannot be displayed.
> > > >
> > > > Try adding "HTTPS" to the backend directive.  I'm not 100% sure
> of
> > > the syntax there, I think its literally a bareword as in:
> > > >
> > > > BackEnd
> > > >     Address 192...
> > > >     Port 443
> > > >     HTTPS
> > > > End
> > > >
> > > > That will tell pound to talk https to the backend.  I don't use
> that
> > > myself so I can't advise precisely how it should look, but play
> around
> > > with it or maybe check the archives to see if there are examples.
> > > >
> > > > Regards,
> > > > --
> > > > Dave Steinberg
> > > > http://www.geekisp.com/
> > > > http://www.steinbergcomputing.com/
> > > > http://www.redterror.net/
> > > >
> > > > --
> > > > To unsubscribe send an email with subject unsubscribe to
> > > pound(at)apsis.ch.
> > > > Please contact roseg(at)apsis.ch for questions.
> > >
> > >
> > > --
> > > To unsubscribe send an email with subject unsubscribe to
> > > pound(at)apsis.ch.
> > > Please contact roseg(at)apsis.ch for questions.
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> >
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

It appears ubuntu maverick has a pound 2.5 package.

http://packages.ubuntu.com/source/maverick/pound

Joe

> -----Original Message-----
> From: Joe Gooch [mailto:mrwizard(at)k12system.com]
> Sent: Monday, January 10, 2011 12:05 PM
> To: pound(at)apsis.ch
> Subject: RE: [Pound Mailing List] About https
> 
> You would need to pull a pound 2.5 deb package (for instance from
> debian sid), or compile pound yourself.  (Or at least compile pound and
> replace the pound binary in /usr/sbin or wherever the package put it)
> 
> See http://www.apsis.ch/pound/index_html, installation section.
> 
> Joe
> 
> 
> > -----Original Message-----
> > From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> > Sent: Monday, January 10, 2011 11:18 AM
> > To: pound(at)apsis.ch
> > Subject: Re: [Pound Mailing List] About https
> >
> > My version is :
> >
> > root(at)pound:~# pound -V
> > starting...
> > Version 2.4.5
> >   Configuration switches:
> >     --enable-cert1l
> >
> >
> > i installed using apt-get, how do I upgrade to 2.5c as apt-get does
> not
> > have
> > that release?
> >
> > NP
> >
> > On Mon, Jan 10, 2011 at 11:03 AM, Joe Gooch <mrwizard(at)k12system.com>
> > wrote:
> >
> > > Support for HTTPS backends was added in Pound 2.5c.
> > >
> > > You configure in a backend group by using the HTTPS Directive.
> From
> > the
> > > Pound manual page:
> > >
> > > BackEnd
> > >       A back-end is a definition of a single back-end server Pound
> > will use
> > > to reply to incoming requests.  All configuration directives
> enclosed
> > > between BackEnd and End
> > >       are specific to a single service. The following directives
> are
> > > available:
> > >
> > >       Address address
> > >              The address that Pound will connect to. This can be a
> > numeric
> > > IP address, or a symbolic host name that must be resolvable at run-
> > time. If
> > > the name cannot be
> > >              resolved to a valid address, Pound will assume that it
> > > represents the path for a Unix-domain socket. This is a mandatory
> > parameter.
> > >
> > >       Port port
> > >              The port number that Pound will connect to. This is a
> > > mandatory parameter for non Unix-domain back-ends.
> > >
> > >       HTTPS [ "cert" ]
> > >              The back-end is using HTTPS. If the optional parameter
> > cert is
> > > specified, Pound will present this certificate to the back-end.
> > >
> > >       Priority val
> > >              The  priority  of  this  back-end (between 1 and 9, 5
> is
> > > default). Higher priority back-ends will be used more often than
> > lower
> > > priority ones, so you should
> > >              define higher priorities for more capable servers.
> > >
> > >       TimeOut val
> > >              Override the global TimeOut value.
> > >
> > >       ConnTO val
> > >              Override the global ConnTO value.
> > >
> > >       HAport [ address ] port
> > >              A port (and optional address) to be used for server
> > function
> > > checks. See below the "High Availability" section for a more
> detailed
> > >  discussion.  By  default
> > >              Pound  uses the same address as the back-end server,
> but
> > you
> > > may use a separate address if you wish. This directive applies only
> > to non
> > > Unix-domain servers.
> > >
> > >
> > > Joe
> > >
> > >
> > > > -----Original Message-----
> > > > From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> > > > Sent: Sunday, January 09, 2011 9:51 PM
> > > > To: pound(at)apsis.ch
> > > > Subject: Re: [Pound Mailing List] About https
> > > >
> > > > does pound do https to https backend?
> > > >
> > > > I think this is something proxmox does not actualy do.. am i
> wrong?
> > > >
> > > > Nelson
> > > >
> > > > On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> > > >
> > > > > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> > > > >> done that, and the service looks like this:
> > > > >>
> > > > >>         Service
> > > > >>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
> > > > >>                 BackEnd
> > > > >>                         Address 192.168.1.10
> > > > >>                         Port    443
> > > > >>                 End
> > > > >>         End
> > > > >>
> > > > >> Yet I keep getting the logs in syslog:
> > > > >> can't read header
> > > > >> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1:
> > > > Success
> > > > >> (0.001 secs)
> > > > >>
> > > > >> and then i get a page cannot be displayed.
> > > > >
> > > > > Try adding "HTTPS" to the backend directive.  I'm not 100% sure
> > of
> > > > the syntax there, I think its literally a bareword as in:
> > > > >
> > > > > BackEnd
> > > > >     Address 192...
> > > > >     Port 443
> > > > >     HTTPS
> > > > > End
> > > > >
> > > > > That will tell pound to talk https to the backend.  I don't use
> > that
> > > > myself so I can't advise precisely how it should look, but play
> > around
> > > > with it or maybe check the archives to see if there are examples.
> > > > >
> > > > > Regards,
> > > > > --
> > > > > Dave Steinberg
> > > > > http://www.geekisp.com/
> > > > > http://www.steinbergcomputing.com/
> > > > > http://www.redterror.net/
> > > > >
> > > > > --
> > > > > To unsubscribe send an email with subject unsubscribe to
> > > > pound(at)apsis.ch.
> > > > > Please contact roseg(at)apsis.ch for questions.
> > > >
> > > >
> > > > --
> > > > To unsubscribe send an email with subject unsubscribe to
> > > > pound(at)apsis.ch.
> > > > Please contact roseg(at)apsis.ch for questions.
> > >
> > > --
> > > To unsubscribe send an email with subject unsubscribe to
> > pound(at)apsis.ch.
> > > Please contact roseg(at)apsis.ch for questions.
> > >
> >
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> > pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Hi,

Do you have a core file? If you build pound with debug symbols and have a
core file, then you can dbg the core file and see where it is segfaulting.
Once you get that information, post it and someone will be able to better
help you. 

What other libraries are you using? (pcre, tmalloc, etc.)

What platform are you building on? (intel/amd, bsd/centos/ubuntu, ssl
accelerator, etc.)

If you are using tmalloc, then first remove it and re-build. I've had very
little success with tmalloc in any version of pound that I've built from
source (on centos 4 and centos 5).

-- Jake


> -----Original Message-----
> From: thedoghousemailcom [mailto:thedoghousemailcom(at)googlemail.com]
> Sent: Friday, January 07, 2011 6:10 AM
> To: pound(at)apsis.ch
> Subject: [Pound Mailing List] Pound segfaults
> 
> Hello list,
> 
> today I found loglines like the one:
> 
> kernel: pound[3310]: segfault at 0000000041af5ff8 rip 0000003e0ca0bc3a
> rsp 0000000041af5ff0 error 6
> 
> 
> I'm using Pound 2.5
> 
> pound -V
> starting...
> Version 2.5
>    Configuration switches:
>      --enable-cert1l
>      --with-owner=root
>      --with-group=root
> Exiting...
> 
> 
> I took the sources from http://www.invoca.ch/pub/packages/pound/.
> 
> Could someone please give me some advices?
> 
> Greetings
> 
> Paul
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Even by upgrading to pound 2.5, it's still not working...

Jan 10 20:31:05 pound pound: (b72c2b70) e500 can't read header
Jan 10 20:31:05 pound pound: (b72c2b70) e500 response error read from
192.168.1.10:443/GET / HTTP/1.1: Success (0.002 secs)

root(at)pound:~# pound -V
starting...
Version 2.5
  Configuration switches:
    --enable-cert1l
Exiting...
root(at)pound:~#



On Mon, Jan 10, 2011 at 12:12 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:

> It appears ubuntu maverick has a pound 2.5 package.
>
> http://packages.ubuntu.com/source/maverick/pound
>
> Joe
>
> > -----Original Message-----
> > From: Joe Gooch [mailto:mrwizard(at)k12system.com]
> > Sent: Monday, January 10, 2011 12:05 PM
> > To: pound(at)apsis.ch
>  > Subject: RE: [Pound Mailing List] About https
> >
> > You would need to pull a pound 2.5 deb package (for instance from
> > debian sid), or compile pound yourself.  (Or at least compile pound and
> > replace the pound binary in /usr/sbin or wherever the package put it)
> >
> > See http://www.apsis.ch/pound/index_html, installation section.
> >
> > Joe
> >
> >
> > > -----Original Message-----
> > > From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> > > Sent: Monday, January 10, 2011 11:18 AM
> > > To: pound(at)apsis.ch
> > > Subject: Re: [Pound Mailing List] About https
> > >
> > > My version is :
> > >
> > > root(at)pound:~# pound -V
> > > starting...
> > > Version 2.4.5
> > >   Configuration switches:
> > >     --enable-cert1l
> > >
> > >
> > > i installed using apt-get, how do I upgrade to 2.5c as apt-get does
> > not
> > > have
> > > that release?
> > >
> > > NP
> > >
> > > On Mon, Jan 10, 2011 at 11:03 AM, Joe Gooch <mrwizard(at)k12system.com>
> > > wrote:
> > >
> > > > Support for HTTPS backends was added in Pound 2.5c.
> > > >
> > > > You configure in a backend group by using the HTTPS Directive.
> > From
> > > the
> > > > Pound manual page:
> > > >
> > > > BackEnd
> > > >       A back-end is a definition of a single back-end server Pound
> > > will use
> > > > to reply to incoming requests.  All configuration directives
> > enclosed
> > > > between BackEnd and End
> > > >       are specific to a single service. The following directives
> > are
> > > > available:
> > > >
> > > >       Address address
> > > >              The address that Pound will connect to. This can be a
> > > numeric
> > > > IP address, or a symbolic host name that must be resolvable at run-
> > > time. If
> > > > the name cannot be
> > > >              resolved to a valid address, Pound will assume that it
> > > > represents the path for a Unix-domain socket. This is a mandatory
> > > parameter.
> > > >
> > > >       Port port
> > > >              The port number that Pound will connect to. This is a
> > > > mandatory parameter for non Unix-domain back-ends.
> > > >
> > > >       HTTPS [ "cert" ]
> > > >              The back-end is using HTTPS. If the optional parameter
> > > cert is
> > > > specified, Pound will present this certificate to the back-end.
> > > >
> > > >       Priority val
> > > >              The  priority  of  this  back-end (between 1 and 9, 5
> > is
> > > > default). Higher priority back-ends will be used more often than
> > > lower
> > > > priority ones, so you should
> > > >              define higher priorities for more capable servers.
> > > >
> > > >       TimeOut val
> > > >              Override the global TimeOut value.
> > > >
> > > >       ConnTO val
> > > >              Override the global ConnTO value.
> > > >
> > > >       HAport [ address ] port
> > > >              A port (and optional address) to be used for server
> > > function
> > > > checks. See below the "High Availability" section for a more
> > detailed
> > > >  discussion.  By  default
> > > >              Pound  uses the same address as the back-end server,
> > but
> > > you
> > > > may use a separate address if you wish. This directive applies only
> > > to non
> > > > Unix-domain servers.
> > > >
> > > >
> > > > Joe
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> > > > > Sent: Sunday, January 09, 2011 9:51 PM
> > > > > To: pound(at)apsis.ch
> > > > > Subject: Re: [Pound Mailing List] About https
> > > > >
> > > > > does pound do https to https backend?
> > > > >
> > > > > I think this is something proxmox does not actualy do.. am i
> > wrong?
> > > > >
> > > > > Nelson
> > > > >
> > > > > On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> > > > >
> > > > > > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> > > > > >> done that, and the service looks like this:
> > > > > >>
> > > > > >>         Service
> > > > > >>                 HeadRequire "Host:.*proxmox.mydomain.com.*"
> > > > > >>                 BackEnd
> > > > > >>                         Address 192.168.1.10
> > > > > >>                         Port    443
> > > > > >>                 End
> > > > > >>         End
> > > > > >>
> > > > > >> Yet I keep getting the logs in syslog:
> > > > > >> can't read header
> > > > > >> e500 response error read from 192.168.1.10:443/GET / HTTP/1.1:
> > > > > Success
> > > > > >> (0.001 secs)
> > > > > >>
> > > > > >> and then i get a page cannot be displayed.
> > > > > >
> > > > > > Try adding "HTTPS" to the backend directive.  I'm not 100% sure
> > > of
> > > > > the syntax there, I think its literally a bareword as in:
> > > > > >
> > > > > > BackEnd
> > > > > >     Address 192...
> > > > > >     Port 443
> > > > > >     HTTPS
> > > > > > End
> > > > > >
> > > > > > That will tell pound to talk https to the backend.  I don't use
> > > that
> > > > > myself so I can't advise precisely how it should look, but play
> > > around
> > > > > with it or maybe check the archives to see if there are examples.
> > > > > >
> > > > > > Regards,
> > > > > > --
> > > > > > Dave Steinberg
> > > > > > http://www.geekisp.com/
> > > > > > http://www.steinbergcomputing.com/
> > > > > > http://www.redterror.net/
> > > > > >
> > > > > > --
> > > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > pound(at)apsis.ch.
> > > > > > Please contact roseg(at)apsis.ch for questions.
> > > > >
> > > > >
> > > > > --
> > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > pound(at)apsis.ch.
> > > > > Please contact roseg(at)apsis.ch for questions.
> > > >
> > > > --
> > > > To unsubscribe send an email with subject unsubscribe to
> > > pound(at)apsis.ch.
> > > > Please contact roseg(at)apsis.ch for questions.
> > > >
> > >
> > >
> > > --
> > > To unsubscribe send an email with subject unsubscribe to
> > > pound(at)apsis.ch.
> > > Please contact roseg(at)apsis.ch for questions.
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> > pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>

Service
    HeadRequire "Host:.*proxmox.mydomain.com.*"
    BackEnd
        Address 192.168.1.10
        Port    443
        HTTPS
    End
End

If it already looks like that, post your config so we can look for other
problems.

Joe

> -----Original Message-----
> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> Sent: Monday, January 10, 2011 3:35 PM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] About https
> 
> Even by upgrading to pound 2.5, it's still not working...
> 
> Jan 10 20:31:05 pound pound: (b72c2b70) e500 can't read header
> Jan 10 20:31:05 pound pound: (b72c2b70) e500 response error read from
> 192.168.1.10:443/GET / HTTP/1.1: Success (0.002 secs)
> 
> root(at)pound:~# pound -V
> starting...
> Version 2.5
>   Configuration switches:
>     --enable-cert1l
> Exiting...
> root(at)pound:~#
> 
> 
> 
> On Mon, Jan 10, 2011 at 12:12 PM, Joe Gooch <mrwizard(at)k12system.com>
> wrote:
> 
> > It appears ubuntu maverick has a pound 2.5 package.
> >
> > http://packages.ubuntu.com/source/maverick/pound
> >
> > Joe
> >
> > > -----Original Message-----
> > > From: Joe Gooch [mailto:mrwizard(at)k12system.com]
> > > Sent: Monday, January 10, 2011 12:05 PM
> > > To: pound(at)apsis.ch
> >  > Subject: RE: [Pound Mailing List] About https
> > >
> > > You would need to pull a pound 2.5 deb package (for instance from
> > > debian sid), or compile pound yourself.  (Or at least compile pound
> and
> > > replace the pound binary in /usr/sbin or wherever the package put
> it)
> > >
> > > See http://www.apsis.ch/pound/index_html, installation section.
> > >
> > > Joe
> > >
> > >
> > > > -----Original Message-----
> > > > From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> > > > Sent: Monday, January 10, 2011 11:18 AM
> > > > To: pound(at)apsis.ch
> > > > Subject: Re: [Pound Mailing List] About https
> > > >
> > > > My version is :
> > > >
> > > > root(at)pound:~# pound -V
> > > > starting...
> > > > Version 2.4.5
> > > >   Configuration switches:
> > > >     --enable-cert1l
> > > >
> > > >
> > > > i installed using apt-get, how do I upgrade to 2.5c as apt-get
> does
> > > not
> > > > have
> > > > that release?
> > > >
> > > > NP
> > > >
> > > > On Mon, Jan 10, 2011 at 11:03 AM, Joe Gooch
> <mrwizard(at)k12system.com>
> > > > wrote:
> > > >
> > > > > Support for HTTPS backends was added in Pound 2.5c.
> > > > >
> > > > > You configure in a backend group by using the HTTPS Directive.
> > > From
> > > > the
> > > > > Pound manual page:
> > > > >
> > > > > BackEnd
> > > > >       A back-end is a definition of a single back-end server
> Pound
> > > > will use
> > > > > to reply to incoming requests.  All configuration directives
> > > enclosed
> > > > > between BackEnd and End
> > > > >       are specific to a single service. The following
> directives
> > > are
> > > > > available:
> > > > >
> > > > >       Address address
> > > > >              The address that Pound will connect to. This can
> be a
> > > > numeric
> > > > > IP address, or a symbolic host name that must be resolvable at
> run-
> > > > time. If
> > > > > the name cannot be
> > > > >              resolved to a valid address, Pound will assume
> that it
> > > > > represents the path for a Unix-domain socket. This is a
> mandatory
> > > > parameter.
> > > > >
> > > > >       Port port
> > > > >              The port number that Pound will connect to. This
> is a
> > > > > mandatory parameter for non Unix-domain back-ends.
> > > > >
> > > > >       HTTPS [ "cert" ]
> > > > >              The back-end is using HTTPS. If the optional
> parameter
> > > > cert is
> > > > > specified, Pound will present this certificate to the back-end.
> > > > >
> > > > >       Priority val
> > > > >              The  priority  of  this  back-end (between 1 and
> 9, 5
> > > is
> > > > > default). Higher priority back-ends will be used more often
> than
> > > > lower
> > > > > priority ones, so you should
> > > > >              define higher priorities for more capable servers.
> > > > >
> > > > >       TimeOut val
> > > > >              Override the global TimeOut value.
> > > > >
> > > > >       ConnTO val
> > > > >              Override the global ConnTO value.
> > > > >
> > > > >       HAport [ address ] port
> > > > >              A port (and optional address) to be used for
> server
> > > > function
> > > > > checks. See below the "High Availability" section for a more
> > > detailed
> > > > >  discussion.  By  default
> > > > >              Pound  uses the same address as the back-end
> server,
> > > but
> > > > you
> > > > > may use a separate address if you wish. This directive applies
> only
> > > > to non
> > > > > Unix-domain servers.
> > > > >
> > > > >
> > > > > Joe
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> > > > > > Sent: Sunday, January 09, 2011 9:51 PM
> > > > > > To: pound(at)apsis.ch
> > > > > > Subject: Re: [Pound Mailing List] About https
> > > > > >
> > > > > > does pound do https to https backend?
> > > > > >
> > > > > > I think this is something proxmox does not actualy do.. am i
> > > wrong?
> > > > > >
> > > > > > Nelson
> > > > > >
> > > > > > On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> > > > > >
> > > > > > > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> > > > > > >> done that, and the service looks like this:
> > > > > > >>
> > > > > > >>         Service
> > > > > > >>                 HeadRequire
> "Host:.*proxmox.mydomain.com.*"
> > > > > > >>                 BackEnd
> > > > > > >>                         Address 192.168.1.10
> > > > > > >>                         Port    443
> > > > > > >>                 End
> > > > > > >>         End
> > > > > > >>
> > > > > > >> Yet I keep getting the logs in syslog:
> > > > > > >> can't read header
> > > > > > >> e500 response error read from 192.168.1.10:443/GET /
> HTTP/1.1:
> > > > > > Success
> > > > > > >> (0.001 secs)
> > > > > > >>
> > > > > > >> and then i get a page cannot be displayed.
> > > > > > >
> > > > > > > Try adding "HTTPS" to the backend directive.  I'm not 100%
> sure
> > > > of
> > > > > > the syntax there, I think its literally a bareword as in:
> > > > > > >
> > > > > > > BackEnd
> > > > > > >     Address 192...
> > > > > > >     Port 443
> > > > > > >     HTTPS
> > > > > > > End
> > > > > > >
> > > > > > > That will tell pound to talk https to the backend.  I don't
> use
> > > > that
> > > > > > myself so I can't advise precisely how it should look, but
> play
> > > > around
> > > > > > with it or maybe check the archives to see if there are
> examples.
> > > > > > >
> > > > > > > Regards,
> > > > > > > --
> > > > > > > Dave Steinberg
> > > > > > > http://www.geekisp.com/
> > > > > > > http://www.steinbergcomputing.com/
> > > > > > > http://www.redterror.net/
> > > > > > >
> > > > > > > --
> > > > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > > pound(at)apsis.ch.
> > > > > > > Please contact roseg(at)apsis.ch for questions.
> > > > > >
> > > > > >
> > > > > > --
> > > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > > pound(at)apsis.ch.
> > > > > > Please contact roseg(at)apsis.ch for questions.
> > > > >
> > > > > --
> > > > > To unsubscribe send an email with subject unsubscribe to
> > > > pound(at)apsis.ch.
> > > > > Please contact roseg(at)apsis.ch for questions.
> > > > >
> > > >
> > > >
> > > > --
> > > > To unsubscribe send an email with subject unsubscribe to
> > > > pound(at)apsis.ch.
> > > > Please contact roseg(at)apsis.ch for questions.
> > >
> > > --
> > > To unsubscribe send an email with subject unsubscribe to
> > > pound(at)apsis.ch.
> > > Please contact roseg(at)apsis.ch for questions.
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> >
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

BINGO !   You got it... I had taken the HTTPS statement out of the Service
section as it did not work for 2.4
I did not think of adding this once I upgraded to 2.5

Thanks for all the help... Now everything works like a charm !

You guys ROCK !

On Mon, Jan 10, 2011 at 3:48 PM, Joe Gooch <mrwizard(at)k12system.com> wrote:

> Service
>    HeadRequire "Host:.*proxmox.mydomain.com.*"
>    BackEnd
>        Address 192.168.1.10
>        Port    443
>        HTTPS
>    End
> End
>
> If it already looks like that, post your config so we can look for other
> problems.
>
> Joe
>
> > -----Original Message-----
> > From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
>  > Sent: Monday, January 10, 2011 3:35 PM
> > To: pound(at)apsis.ch
> > Subject: Re: [Pound Mailing List] About https
> >
> > Even by upgrading to pound 2.5, it's still not working...
> >
> > Jan 10 20:31:05 pound pound: (b72c2b70) e500 can't read header
> > Jan 10 20:31:05 pound pound: (b72c2b70) e500 response error read from
> > 192.168.1.10:443/GET / HTTP/1.1: Success (0.002 secs)
> >
> > root(at)pound:~# pound -V
> > starting...
> > Version 2.5
> >   Configuration switches:
> >     --enable-cert1l
> > Exiting...
> > root(at)pound:~#
> >
> >
> >
> > On Mon, Jan 10, 2011 at 12:12 PM, Joe Gooch <mrwizard(at)k12system.com>
> > wrote:
> >
> > > It appears ubuntu maverick has a pound 2.5 package.
> > >
> > > http://packages.ubuntu.com/source/maverick/pound
> > >
> > > Joe
> > >
> > > > -----Original Message-----
> > > > From: Joe Gooch [mailto:mrwizard(at)k12system.com]
> > > > Sent: Monday, January 10, 2011 12:05 PM
> > > > To: pound(at)apsis.ch
> > >  > Subject: RE: [Pound Mailing List] About https
> > > >
> > > > You would need to pull a pound 2.5 deb package (for instance from
> > > > debian sid), or compile pound yourself.  (Or at least compile pound
> > and
> > > > replace the pound binary in /usr/sbin or wherever the package put
> > it)
> > > >
> > > > See http://www.apsis.ch/pound/index_html, installation section.
> > > >
> > > > Joe
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> > > > > Sent: Monday, January 10, 2011 11:18 AM
> > > > > To: pound(at)apsis.ch
> > > > > Subject: Re: [Pound Mailing List] About https
> > > > >
> > > > > My version is :
> > > > >
> > > > > root(at)pound:~# pound -V
> > > > > starting...
> > > > > Version 2.4.5
> > > > >   Configuration switches:
> > > > >     --enable-cert1l
> > > > >
> > > > >
> > > > > i installed using apt-get, how do I upgrade to 2.5c as apt-get
> > does
> > > > not
> > > > > have
> > > > > that release?
> > > > >
> > > > > NP
> > > > >
> > > > > On Mon, Jan 10, 2011 at 11:03 AM, Joe Gooch
> > <mrwizard(at)k12system.com>
> > > > > wrote:
> > > > >
> > > > > > Support for HTTPS backends was added in Pound 2.5c.
> > > > > >
> > > > > > You configure in a backend group by using the HTTPS Directive.
> > > > From
> > > > > the
> > > > > > Pound manual page:
> > > > > >
> > > > > > BackEnd
> > > > > >       A back-end is a definition of a single back-end server
> > Pound
> > > > > will use
> > > > > > to reply to incoming requests.  All configuration directives
> > > > enclosed
> > > > > > between BackEnd and End
> > > > > >       are specific to a single service. The following
> > directives
> > > > are
> > > > > > available:
> > > > > >
> > > > > >       Address address
> > > > > >              The address that Pound will connect to. This can
> > be a
> > > > > numeric
> > > > > > IP address, or a symbolic host name that must be resolvable at
> > run-
> > > > > time. If
> > > > > > the name cannot be
> > > > > >              resolved to a valid address, Pound will assume
> > that it
> > > > > > represents the path for a Unix-domain socket. This is a
> > mandatory
> > > > > parameter.
> > > > > >
> > > > > >       Port port
> > > > > >              The port number that Pound will connect to. This
> > is a
> > > > > > mandatory parameter for non Unix-domain back-ends.
> > > > > >
> > > > > >       HTTPS [ "cert" ]
> > > > > >              The back-end is using HTTPS. If the optional
> > parameter
> > > > > cert is
> > > > > > specified, Pound will present this certificate to the back-end.
> > > > > >
> > > > > >       Priority val
> > > > > >              The  priority  of  this  back-end (between 1 and
> > 9, 5
> > > > is
> > > > > > default). Higher priority back-ends will be used more often
> > than
> > > > > lower
> > > > > > priority ones, so you should
> > > > > >              define higher priorities for more capable servers.
> > > > > >
> > > > > >       TimeOut val
> > > > > >              Override the global TimeOut value.
> > > > > >
> > > > > >       ConnTO val
> > > > > >              Override the global ConnTO value.
> > > > > >
> > > > > >       HAport [ address ] port
> > > > > >              A port (and optional address) to be used for
> > server
> > > > > function
> > > > > > checks. See below the "High Availability" section for a more
> > > > detailed
> > > > > >  discussion.  By  default
> > > > > >              Pound  uses the same address as the back-end
> > server,
> > > > but
> > > > > you
> > > > > > may use a separate address if you wish. This directive applies
> > only
> > > > > to non
> > > > > > Unix-domain servers.
> > > > > >
> > > > > >
> > > > > > Joe
> > > > > >
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: nelson pereira [mailto:kitkat0981(at)gmail.com]
> > > > > > > Sent: Sunday, January 09, 2011 9:51 PM
> > > > > > > To: pound(at)apsis.ch
> > > > > > > Subject: Re: [Pound Mailing List] About https
> > > > > > >
> > > > > > > does pound do https to https backend?
> > > > > > >
> > > > > > > I think this is something proxmox does not actualy do.. am i
> > > > wrong?
> > > > > > >
> > > > > > > Nelson
> > > > > > >
> > > > > > > On Jan 9, 2011, at 5:33 PM, Dave Steinberg wrote:
> > > > > > >
> > > > > > > > On 1/9/2011 5:25 PM, Nelson Pereira wrote:
> > > > > > > >> done that, and the service looks like this:
> > > > > > > >>
> > > > > > > >>         Service
> > > > > > > >>                 HeadRequire
> > "Host:.*proxmox.mydomain.com.*"
> > > > > > > >>                 BackEnd
> > > > > > > >>                         Address 192.168.1.10
> > > > > > > >>                         Port    443
> > > > > > > >>                 End
> > > > > > > >>         End
> > > > > > > >>
> > > > > > > >> Yet I keep getting the logs in syslog:
> > > > > > > >> can't read header
> > > > > > > >> e500 response error read from 192.168.1.10:443/GET /
> > HTTP/1.1:
> > > > > > > Success
> > > > > > > >> (0.001 secs)
> > > > > > > >>
> > > > > > > >> and then i get a page cannot be displayed.
> > > > > > > >
> > > > > > > > Try adding "HTTPS" to the backend directive.  I'm not 100%
> > sure
> > > > > of
> > > > > > > the syntax there, I think its literally a bareword as in:
> > > > > > > >
> > > > > > > > BackEnd
> > > > > > > >     Address 192...
> > > > > > > >     Port 443
> > > > > > > >     HTTPS
> > > > > > > > End
> > > > > > > >
> > > > > > > > That will tell pound to talk https to the backend.  I don't
> > use
> > > > > that
> > > > > > > myself so I can't advise precisely how it should look, but
> > play
> > > > > around
> > > > > > > with it or maybe check the archives to see if there are
> > examples.
> > > > > > > >
> > > > > > > > Regards,
> > > > > > > > --
> > > > > > > > Dave Steinberg
> > > > > > > > http://www.geekisp.com/
> > > > > > > > http://www.steinbergcomputing.com/
> > > > > > > > http://www.redterror.net/
> > > > > > > >
> > > > > > > > --
> > > > > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > > > pound(at)apsis.ch.
> > > > > > > > Please contact roseg(at)apsis.ch for questions.
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > > > pound(at)apsis.ch.
> > > > > > > Please contact roseg(at)apsis.ch for questions.
> > > > > >
> > > > > > --
> > > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > pound(at)apsis.ch.
> > > > > > Please contact roseg(at)apsis.ch for questions.
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > To unsubscribe send an email with subject unsubscribe to
> > > > > pound(at)apsis.ch.
> > > > > Please contact roseg(at)apsis.ch for questions.
> > > >
> > > > --
> > > > To unsubscribe send an email with subject unsubscribe to
> > > > pound(at)apsis.ch.
> > > > Please contact roseg(at)apsis.ch for questions.
> > >
> > > --
> > > To unsubscribe send an email with subject unsubscribe to
> > pound(at)apsis.ch.
> > > Please contact roseg(at)apsis.ch for questions.
> > >
> >
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> > pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
>

Glad you got it working!

Take care.

Joe

> -----Original Message-----
> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
> Sent: Monday, January 10, 2011 3:57 PM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] About https
> 
> BINGO !   You got it... I had taken the HTTPS statement out of the
> Service
> section as it did not work for 2.4
> I did not think of adding this once I upgraded to 2.5
> 
> Thanks for all the help... Now everything works like a charm !
> 
> You guys ROCK !
> 
> On Mon, Jan 10, 2011 at 3:48 PM, Joe Gooch <mrwizard(at)k12system.com>
> wrote:
> 
> > Service
> >    HeadRequire "Host:.*proxmox.mydomain.com.*"
> >    BackEnd
> >        Address 192.168.1.10
> >        Port    443
> >        HTTPS
> >    End
> > End
> >
> > If it already looks like that, post your config so we can look for
> other
> > problems.
> >
> > Joe
> >

Since this patch is working very well, can someone tell me about the chances
this code will be adopted in the main trunk? And if so, will this be in the 2.6
release? And if so, what is the estimated month of the 2.6 release?
I ask these questions because we like the idea of stable and maintained code on
our production servers :)

Thanks!

Steven

-----Oorspronkelijk bericht-----
Van: Joe Gooch [mailto:mrwizard(at)k12system.com] 
Verzonden: woensdag 5 januari 2011 17:21
Aan: pound(at)apsis.ch
Onderwerp: RE: [Pound Mailing List] RE: Website stalls every 60 seconds

I wouldn't even consider it for anything other than UNIX domain sockets.  Even
so, I'm not sure adding another network based call-response protocol to every
request is going to solve any of our problems.  I would think local memory and
synchronization, even with locking, would be faster.  Then again, without
proper benchmarking I can't be sure. :)

Since my patch will allow creation of sessions even when the client doesn't
give one, you might want to rerun your benchmarking w/ ab.  

Joe

> -----Original Message-----
> From: Steven van der Vegt [mailto:steven(at)echelon.nl]
> Sent: Wednesday, January 05, 2011 9:24 AM
> To: pound(at)apsis.ch
> Subject: RE: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> Just something that came to mind: what about using memcached? You can
> provide an expire parameter. This invalidates old items automatically.
> 

--
To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
Please contact roseg(at)apsis.ch for questions.

On Mon, 2011-01-03 at 20:18 +0000, Joe Gooch wrote:
> I've implemented the "tag each request with the backend in the browser
instead of storing our sessions locally and incurring concurrency costs" method
of session tracking.  Described in 5 below.
> 
> Patch (against 2.6c) is at:
https://users.k12system.com/mrwizard/pound/pound_26_backend_cookies.patch.bz2
> 
> Essentially the change to session handling is when it has to choose a random
backend (i.e. didn't find in the hashtable, or hashtable/sessions are
disabled), it will check for the backend key header and if found, it will use
the backend that matches (if possible).  This can be used to turn off session
handling entirely (allowing pound to use backend keys to use backend
stickyness), or to augment session handling... For instance, if pound is
restarted, the session DB is cleared.  Using the cookie in the browser, when
sessions are recreated, the correct backend will be chosen to resume their
sessions.
> 
> 
> Joe

Many thanks for the path, Joe.

I had a look at it, and I have one small objection: if I understand
correctly the whole thing stops working if a client does not support
cookies (because of user settings in a browser, or because of some silly
API).

We are now working at making the session cleaning somewhat more granular
and efficient, so a bit of patience please...
-- 
Robert Segall
Apsis GmbH
Postfach, Uetikon am See, CH-8707
Tel: +41-32-512 30 19

On Wed, 2011-01-12 at 15:22 +0000, Steven van der Vegt wrote:
> Since this patch is working very well, can someone tell me about the chances
this code will be adopted in the main trunk? And if so, will this be in the 2.6
release? And if so, what is the estimated month of the 2.6 release?
> I ask these questions because we like the idea of stable and maintained code
on our production servers :)
> 
> Thanks!
> 
> Steven

Please see my message about Joe Gooch's patch.

As to the final 2.6 - that really depends on the feedback we get on the
beta releases. Until now this has been "limited" - we need your help
with the testing.
-- 
Robert Segall
Apsis GmbH
Postfach, Uetikon am See, CH-8707
Tel: +41-32-512 30 19

If Cookies aren't enabled, then the backend cookie feature wouldn't be any
different from the existing session handling.  (you can still configure a
session database based on URL/PARAM/IP...)  rand_backend would return a random
backend (as it always had) instead of finding an answer in a cookie.

Since I use cookie based session affinity, everything would fall apart without
cookies anyway.  I can't see any way this method of tracking would work for the
others (URL/PARAM) without rewriting request content, which isn't likely to
ever be a pound feature. :)


So if you aren't using cookies, this feature doesn't hurt anything.  If you are
using cookies, you can use Session Cookie, this feature, or both.

Joe

> -----Original Message-----
> From: Robert Segall [mailto:roseg(at)apsis.ch]
> Sent: Thursday, January 13, 2011 12:55 PM
> To: pound(at)apsis.ch
> Subject: RE: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> On Mon, 2011-01-03 at 20:18 +0000, Joe Gooch wrote:
> > I've implemented the "tag each request with the backend in the
> browser instead of storing our sessions locally and incurring
> concurrency costs" method of session tracking.  Described in 5 below.
> >
> > Patch (against 2.6c) is at:
> https://users.k12system.com/mrwizard/pound/pound_26_backend_cookies.pat
> ch.bz2
> >
> > Essentially the change to session handling is when it has to choose a
> random backend (i.e. didn't find in the hashtable, or
> hashtable/sessions are disabled), it will check for the backend key
> header and if found, it will use the backend that matches (if
> possible).  This can be used to turn off session handling entirely
> (allowing pound to use backend keys to use backend stickyness), or to
> augment session handling... For instance, if pound is restarted, the
> session DB is cleared.  Using the cookie in the browser, when sessions
> are recreated, the correct backend will be chosen to resume their
> sessions.
> >
> >
> > Joe
> 
> Many thanks for the path, Joe.
> 
> I had a look at it, and I have one small objection: if I understand
> correctly the whole thing stops working if a client does not support
> cookies (because of user settings in a browser, or because of some
> silly
> API).
> 
> We are now working at making the session cleaning somewhat more
> granular
> and efficient, so a bit of patience please...
> --
> Robert Segall
> Apsis GmbH
> Postfach, Uetikon am See, CH-8707
> Tel: +41-32-512 30 19
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

On 1/13/2011 12:57 PM, Robert Segall wrote:
> On Wed, 2011-01-12 at 15:22 +0000, Steven van der Vegt wrote:
>> Since this patch is working very well, can someone tell me about the chances
this code will be adopted in the main trunk? And if so, will this be in the 2.6
release? And if so, what is the estimated month of the 2.6 release?
>> I ask these questions because we like the idea of stable and maintained code
on our production servers :)
>>
>> Thanks!
>>
>> Steven
>
> Please see my message about Joe Gooch's patch.
>
> As to the final 2.6 - that really depends on the feedback we get on the
> beta releases. Until now this has been "limited" - we need your help
> with the testing.

I've been running it for a little over a week.  No problems so far.

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

If Cookies aren't enabled, then the backend cookie feature wouldn't be any
different from the existing session handling.  (you can still configure a
session database based on URL/PARAM/IP...)  rand_backend would return a random
backend (as it always had) instead of finding an answer in a cookie.

Since I use cookie based session affinity, everything would fall apart without
cookies anyway.  I can't see any way this method of tracking would work for the
others (URL/PARAM) without rewriting request content, which isn't likely to
ever be a pound feature. :)


So if you aren't using cookies, this feature doesn't hurt anything.  If you are
using cookies, you can use Session Cookie, this feature, or both.

Joe

> -----Original Message-----
> From: Robert Segall [mailto:roseg(at)apsis.ch]
> Sent: Thursday, January 13, 2011 12:55 PM
> To: pound(at)apsis.ch
> Subject: RE: [Pound Mailing List] RE: Website stalls every 60 seconds
> 
> On Mon, 2011-01-03 at 20:18 +0000, Joe Gooch wrote:
> > I've implemented the "tag each request with the backend in the
> browser instead of storing our sessions locally and incurring
> concurrency costs" method of session tracking.  Described in 5 below.
> >
> > Patch (against 2.6c) is at:
> https://users.k12system.com/mrwizard/pound/pound_26_backend_cookies.pat
> ch.bz2
> >
> > Essentially the change to session handling is when it has to choose a
> random backend (i.e. didn't find in the hashtable, or
> hashtable/sessions are disabled), it will check for the backend key
> header and if found, it will use the backend that matches (if
> possible).  This can be used to turn off session handling entirely
> (allowing pound to use backend keys to use backend stickyness), or to
> augment session handling... For instance, if pound is restarted, the
> session DB is cleared.  Using the cookie in the browser, when sessions
> are recreated, the correct backend will be chosen to resume their
> sessions.
> >
> >
> > Joe
> 
> Many thanks for the path, Joe.
> 
> I had a look at it, and I have one small objection: if I understand
> correctly the whole thing stops working if a client does not support
> cookies (because of user settings in a browser, or because of some
> silly
> API).
> 
> We are now working at making the session cleaning somewhat more
> granular
> and efficient, so a bit of patience please...
> --
> ?Robert Segall
> Apsis GmbH
> Postfach, Uetikon am See, CH-8707
> Tel: +41-32-512 30 19
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

On 1/13/2011 1:09 PM, Dave Steinberg wrote:
> On 1/13/2011 12:57 PM, Robert Segall wrote:
>> On Wed, 2011-01-12 at 15:22 +0000, Steven van der Vegt wrote:
>>> Since this patch is working very well, can someone tell me about the
>>> chances this code will be adopted in the main trunk? And if so, will
>>> this be in the 2.6 release? And if so, what is the estimated month of
>>> the 2.6 release?
>>> I ask these questions because we like the idea of stable and
>>> maintained code on our production servers :)
>>>
>>> Thanks!
>>>
>>> Steven
>>
>> Please see my message about Joe Gooch's patch.
>>
>> As to the final 2.6 - that really depends on the feedback we get on the
>> beta releases. Until now this has been "limited" - we need your help
>> with the testing.
>
> I've been running it for a little over a week. No problems so far.

Ok, maybe no problems except for my amnesia.  No problems other than 
what I already reported.  More coffee...

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

Guy's,

im moving my pound to a new VM and I re-installed pound 2.5
My SSL cert has a password and i  am trying to change it so it does not have a
passphrase.

I found a site on how to create my certificate, and followed it... yet when I
try to start pound i get this error message:

root(at)pound:~# /etc/init.d/pound start
 * Starting reverse proxy and load balancer pound
starting...
/etc/pound/pound.cfg line 45: SSL_CTX_use_PrivateKey_file failed - aborted
   ...fail!




On Jan 11, 2011, at 9:33 AM, Joe Gooch wrote:

> Glad you got it working!
> 
> Take care.
> 
> Joe
> 
>> -----Original Message-----
>> From: Nelson Pereira [mailto:kitkat0981(at)gmail.com]
>> Sent: Monday, January 10, 2011 3:57 PM
>> To: pound(at)apsis.ch
>> Subject: Re: [Pound Mailing List] About https
>> 
>> BINGO !   You got it... I had taken the HTTPS statement out of the
>> Service
>> section as it did not work for 2.4
>> I did not think of adding this once I upgraded to 2.5
>> 
>> Thanks for all the help... Now everything works like a charm !
>> 
>> You guys ROCK !
>> 
>> On Mon, Jan 10, 2011 at 3:48 PM, Joe Gooch <mrwizard(at)k12system.com>
>> wrote:
>> 
>>> Service
>>>   HeadRequire "Host:.*proxmox.mydomain.com.*"
>>>   BackEnd
>>>       Address 192.168.1.10
>>>       Port    443
>>>       HTTPS
>>>   End
>>> End
>>> 
>>> If it already looks like that, post your config so we can look for
>> other
>>> problems.
>>> 
>>> Joe
>>> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

On 1/13/2011 10:05 PM, nelson pereira wrote:
> Guy's,
>
> im moving my pound to a new VM and I re-installed pound 2.5
> My SSL cert has a password and i  am trying to change it so it does not have
a passphrase.
>
> I found a site on how to create my certificate, and followed it... yet when I
try to start pound i get this error message:
>
> root(at)pound:~# /etc/init.d/pound start
>   * Starting reverse proxy and load balancer pound
> starting...
> /etc/pound/pound.cfg line 45: SSL_CTX_use_PrivateKey_file failed - aborted
>     ...fail!

The password is on your private key.  Generate a new key, a new CSR, and 
have your cert authority re-issue the certificate.

Regards,
-- 
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/

My patch at
https://users.k12system.com/mrwizard/pound/pound-2.5-03_IncludeDirDirective.patch.bz2
implements the ability to include multiple files from a directory.  You'd have
to compile your own pound to use it.

Or, you can modify your startup script to create a unified include file... for
instance:
/etc/pound/pound.cfg   Include "/etc/pound/vhosts.cfg"

In your startup script:
cat /etc/pound/vhosts.d/*.cfg > /etc/pound/vhosts.cfg
pound -f /etc/pound/pound.cfg

or similar.


Joe

> -----Original Message-----
> From: Romar Mayer Micabalo [mailto:romar(at)focusoutsourcing.com] On
> Behalf Of romar(at)globalworkforce.com
> Sent: Friday, January 14, 2011 6:22 AM
> To: pound(at)apsis.ch
> Subject: [Pound Mailing List] Include wildcard
> 
> Hi,
> 
> I currently have the following snippet in my Pound.cfg:
> 
> ListenHTTP
>     Address 1.2.3.4
>     Port 80
>     HeadRemove "X-Forwarded-For"
>     Include "/etc/pound/vhosts.cfg"
> End
> 
> My /etc/pound/vhosts.cfg contains:
> 
> Service
> HeadRequire "^Host:\s*internal.mydomain.com"
>         BackEnd
> Address 1.2.3.6
> Port 8080
> End
> End
> 
> Is it possible to do 'Include "/etc/pound/*.cfg" ' ? This is so that I
> can put the config for specific vhosts on separate files. Although I
> have tried this and failed using Pound 2.5. Hopefully there's a way to
> include multiple config files.
> 
> Thank you in advance for your replies.
> 
> Best regards.
> 
> - Romar
> 
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Thanks for the reply Joe.  I'll take a look at your code.

I'm already using a unified include file as was pretty obvious in my 
snippet:

Include "/etc/pound/vhosts.cfg"


I needed some way to use "*.cfg" or something, since I would prefer to 
put vhost definitions on separate files.

- Romar




On Friday, 14 January, 2011 10:30 PM, Joe Gooch wrote:
> My patch at
https://users.k12system.com/mrwizard/pound/pound-2.5-03_IncludeDirDirective.patch.bz2
implements the ability to include multiple files from a directory.  You'd have
to compile your own pound to use it.
>
> Or, you can modify your startup script to create a unified include file...
for instance:
> /etc/pound/pound.cfg   Include "/etc/pound/vhosts.cfg"
>
> In your startup script:
> cat /etc/pound/vhosts.d/*.cfg>  /etc/pound/vhosts.cfg
> pound -f /etc/pound/pound.cfg
>
> or similar.
>
>
> Joe
>
>> -----Original Message-----
>> From: Romar Mayer Micabalo [mailto:romar(at)focusoutsourcing.com] On
>> Behalf Of romar(at)globalworkforce.com
>> Sent: Friday, January 14, 2011 6:22 AM
>> To: pound(at)apsis.ch
>> Subject: [Pound Mailing List] Include wildcard
>>
>> Hi,
>>
>> I currently have the following snippet in my Pound.cfg:
>>
>> ListenHTTP
>>      Address 1.2.3.4
>>      Port 80
>>      HeadRemove "X-Forwarded-For"
>>      Include "/etc/pound/vhosts.cfg"
>> End
>>
>> My /etc/pound/vhosts.cfg contains:
>>
>> Service
>> HeadRequire "^Host:\s*internal.mydomain.com"
>>          BackEnd
>> Address 1.2.3.6
>> Port 8080
>> End
>> End
>>
>> Is it possible to do 'Include "/etc/pound/*.cfg" ' ? This is so that I
>> can put the config for specific vhosts on separate files. Although I
>> have tried this and failed using Pound 2.5. Hopefully there's a way to
>> include multiple config files.
>>
>> Thank you in advance for your replies.
>>
>> Best regards.
>>
>> - Romar
>>
>>
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to
>> pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

Hi Joe,

I can't seem to access your link. Could it by chance be broken?

Thanks.

- Romar


On Friday, 14 January, 2011 10:30 PM, Joe Gooch wrote:
> My patch at
https://users.k12system.com/mrwizard/pound/pound-2.5-03_IncludeDirDirective.patch.bz2
implements the ability to include multiple files from a directory.  You'd have
to compile your own pound to use it.
>
> Or, you can modify your startup script to create a unified include file...
for instance:
> /etc/pound/pound.cfg   Include "/etc/pound/vhosts.cfg"
>
> In your startup script:
> cat /etc/pound/vhosts.d/*.cfg>  /etc/pound/vhosts.cfg
> pound -f /etc/pound/pound.cfg
>
> or similar.
>
>
> Joe
>
>> -----Original Message-----
>> From: Romar Mayer Micabalo [mailto:romar(at)focusoutsourcing.com] On
>> Behalf Of romar(at)globalworkforce.com
>> Sent: Friday, January 14, 2011 6:22 AM
>> To: pound(at)apsis.ch
>> Subject: [Pound Mailing List] Include wildcard
>>
>> Hi,
>>
>> I currently have the following snippet in my Pound.cfg:
>>
>> ListenHTTP
>>      Address 1.2.3.4
>>      Port 80
>>      HeadRemove "X-Forwarded-For"
>>      Include "/etc/pound/vhosts.cfg"
>> End
>>
>> My /etc/pound/vhosts.cfg contains:
>>
>> Service
>> HeadRequire "^Host:\s*internal.mydomain.com"
>>          BackEnd
>> Address 1.2.3.6
>> Port 8080
>> End
>> End
>>
>> Is it possible to do 'Include "/etc/pound/*.cfg" ' ? This is so that I
>> can put the config for specific vhosts on separate files. Although I
>> have tried this and failed using Pound 2.5. Hopefully there's a way to
>> include multiple config files.
>>
>> Thank you in advance for your replies.
>>
>> Best regards.
>>
>> - Romar
>>
>>
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to
>> pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

> -----Original Message-----
> From: Romar Mayer Micabalo [mailto:romar(at)focusoutsourcing.com] On
> Behalf Of romar(at)globalworkforce.com
> Sent: Sunday, January 16, 2011 8:17 PM
> To: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] Include wildcard
> 
> Thanks for the reply Joe.  I'll take a look at your code.
> 
> I'm already using a unified include file as was pretty obvious in my
> snippet:
> 
> Include "/etc/pound/vhosts.cfg"
> 
> 
> I needed some way to use "*.cfg" or something, since I would prefer to
> put vhost definitions on separate files.

Right, that's why the suggestion was to automatically assemble the unified file
when you start the daemon, from your individual files.

Joe

It should work... Try now?

Joe

> -----Original Message-----
> From: Romar Mayer Micabalo [mailto:romar(at)focusoutsourcing.com] On
> Behalf Of romar(at)globalworkforce.com
> Sent: Sunday, January 16, 2011 9:32 PM
> To: Joe Gooch
> Cc: pound(at)apsis.ch
> Subject: Re: [Pound Mailing List] Include wildcard
> 
> Hi Joe,
> 
> I can't seem to access your link. Could it by chance be broken?
> 
> Thanks.
> 
> - Romar
> 
> 
> On Friday, 14 January, 2011 10:30 PM, Joe Gooch wrote:
> > My patch at https://users.k12system.com/mrwizard/pound/pound-2.5-
> 03_IncludeDirDirective.patch.bz2 implements the ability to include
> multiple files from a directory.  You'd have to compile your own pound
> to use it.
> >
> > Or, you can modify your startup script to create a unified include
> file... for instance:
> > /etc/pound/pound.cfg   Include "/etc/pound/vhosts.cfg"
> >
> > In your startup script:
> > cat /etc/pound/vhosts.d/*.cfg>  /etc/pound/vhosts.cfg
> > pound -f /etc/pound/pound.cfg
> >
> > or similar.
> >
> >
> > Joe
> >
> >> -----Original Message-----
> >> From: Romar Mayer Micabalo [mailto:romar(at)focusoutsourcing.com] On
> >> Behalf Of romar(at)globalworkforce.com
> >> Sent: Friday, January 14, 2011 6:22 AM
> >> To: pound(at)apsis.ch
> >> Subject: [Pound Mailing List] Include wildcard
> >>
> >> Hi,
> >>
> >> I currently have the following snippet in my Pound.cfg:
> >>
> >> ListenHTTP
> >>      Address 1.2.3.4
> >>      Port 80
> >>      HeadRemove "X-Forwarded-For"
> >>      Include "/etc/pound/vhosts.cfg"
> >> End
> >>
> >> My /etc/pound/vhosts.cfg contains:
> >>
> >> Service
> >> HeadRequire "^Host:\s*internal.mydomain.com"
> >>          BackEnd
> >> Address 1.2.3.6
> >> Port 8080
> >> End
> >> End
> >>
> >> Is it possible to do 'Include "/etc/pound/*.cfg" ' ? This is so that
> I
> >> can put the config for specific vhosts on separate files. Although I
> >> have tried this and failed using Pound 2.5. Hopefully there's a way
> to
> >> include multiple config files.
> >>
> >> Thank you in advance for your replies.
> >>
> >> Best regards.
> >>
> >> - Romar
> >>
> >>
> >>
> >> --
> >> To unsubscribe send an email with subject unsubscribe to
> >> pound(at)apsis.ch.
> >> Please contact roseg(at)apsis.ch for questions.
> > --
> > To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> > Please contact roseg(at)apsis.ch for questions.
> 
> 
> --
> To unsubscribe send an email with subject unsubscribe to
> pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.

On Monday, 17 January, 2011 11:04 PM, Joe Gooch wrote:
>
> Right, that's why the suggestion was to automatically assemble the unified
file when you start the daemon, from your individual files.
>
> Joe
Aaahh yes. Now I get what you mean. We actually have a plan for 
something similar but via a db.

Will retry your link.

Thanks again for the quick assist Joe :). Regards!


- Romar


>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.