HAProxy的不均衡SSL

Question

我有這個

listen SSL XXX.XXX.XXX.60:443 
    timeout connect 300s 
    timeout client 300s 
    timeout server 300s 
    timeout queue 300s 
    mode tcp 
    bind-process 1 
    option tcplog 
    option ssl-hello-chk 
    option http-server-close 
    balance source 
    server WEB61 XXX.XXX.XXX.61:443 check maxconn 500 
    server WEB62 XXX.XXX.XXX.62:443 check maxconn 500 
    server WEB63 XXX.XXX.XXX.63:443 check maxconn 500 
    server WEB71 XXX.XXX.XXX.71:443 check maxconn 500 
    server WEB72 XXX.XXX.XXX.72:443 check maxconn 500 
    server WEB73 XXX.XXX.XXX.73:443 check maxconn 500 

但是，所有的SSL客戶端總是去WEB62。沒有連接到其他服務器。

Answer 1

想通了。

timeout server 300s 
    timeout connect 300s 
    timeout client 300s 
    mode tcp 
    balance roundrobin 
    stick-table type binary len 32 size 30k expire 30m 
    acl clienthello req_ssl_hello_type 1 
    acl serverhello rep_ssl_hello_type 2 
    tcp-request inspect-delay 5s 
    tcp-request content accept if clienthello 
    tcp-response content accept if serverhello 
    stick on payload_lv(43,1) if clienthello 
    stick store-response payload_lv(43,1) if serverhello 

希望它可以幫助別人