Hi Aleks, Basically, I needed to bind to a different port then 22. and , with Brian's help, i ended up with the following config:
frontend www-ssh-proxy bind x.x.x.x:22 mode tcp default_backend www-ssh-proxy-backend backend www-ssh-proxy-backend mode tcp balance source server web1 10.1.100.156:22 check weight 1 server web2 10.1.100.160:22 check weight 1 I have now changed the port 2200, to 22 -- by using 2200 for sshd itself and 22 for binding. This is not the perfect set up yet, but this is better then what I had before. thanks. On Sat, Oct 20, 2018 at 1:39 AM Aleksandar Lazic <[email protected]> wrote: > Hi. > > Am 20.10.2018 um 09:48 schrieb Imam Toufique: > > Thanks, Jarno! > > > > Brian Gibson helped me out! thanks, Brian! > > Would be nice to know what's the solution was, thanks. > > Regards > Aleks > > > On Sat, Oct 20, 2018 at 12:10 AM Jarno Huuskonen <[email protected] > > <mailto:[email protected]>> wrote: > > > > Hi, > > > > On Fri, Oct 19, Imam Toufique wrote: > > > I am working on setting up ssh / sftp capability with HAProxy, > > > initial setup is done ( thanks to some of the members in the > haproxy email > > > list for help! ) . I ran into an issue -- as soon as I ssh via > the proxy > > > node, within a minutes or so, ssh connection closes on me. > > > > Is the connection idle ? "in 50.3 seconds" matches your > > timeout client/server 50000(ms) > > (Your (haproxy)logs should give more information why the connection > > was closed). > > > > > here is my config file: > > > --------------------------------- > > > > ... > > > > > timeout client 50000 > > > timeout server 50000 > > > > ... > > > > > backend http_back > > > timeout connect 900000 > > > timeout server 900000 > > > > 900000(ms)(=15minutes) connect timeout for http seems long ... > > (AFAIK this is how long haproxy will wait for tcp connection > > to a backend http server). > > > > > backend www-ssh-proxy-backend > > > mode tcp > > > balance roundrobin > > > stick-table type ip size 200k expire 30m > > > stick on src > > > default-server inter 1s > > > server web1 10.1.100.156:22 <http://10.1.100.156:22> check id 1 > > > server web2 10.1.100.160:22 <http://10.1.100.160:22> check id 2 > > > > Try using longer timeout server on www-ssh-proxy-backend. > > (and/or longer timeout client on www-ssh-proxy). > > > > (You could also try to play with sshd_config: ClientAliveInterval and > > TCPKeepAlive) > > > > > Transferred: sent 3312, received 3184 bytes, in 50.3 seconds > > > > -Jarno > > > > -- > > Jarno Huuskonen > > > > > > > > -- > > Regards, > > */Imam Toufique/* > > /*213-700-5485*/ > > -- Regards, *Imam Toufique* *213-700-5485*
