A Layer 7 service is a set of listeners.

Service attributes and options define session behavior on the client side of the load balancer, such as maximum number of accepted simultaneous sessions, choice of server farm, and timeouts on the client side.

Service are identified by a name. Allowed characters are alpha-numerics dot, dash, and underscore.

continuous-statistics

  • Definition: Continuous traffic statistics updates

  • Type:

  • Default value: disabled, which means traffic counters are incremented once a session is completed.

Value

Description

enabled

Enable continuous traffic statistics monitoring

protocol

  • Definition: Protocol analyzer

  • Type: enum

  • Default value: Layer 4 protocol TCP

Value

Description

tcp

Layer 4 protocol TCP analyzer

http

Layer 7 protocol HTTP analyzer

log

  • Definition: Traffic logs

  • Type:

  • Default value: Logs are disabled

Value

Description

enabled

Logs are enabled

log-format

  • Definition: Use log format if logs are enabled

  • Type: enum

  • Default value: basic log format

Value

Description

tcp

Advanced TCP log format

http

Advanced HTTP log format (fall back to tcp mode if protocolnot set to http)

clf

Use common log format defined by Apache (fall back to tcp mode if protocol not set to http)

Note

This is ignored if log is not set to enabled.

log-ignore-null

  • Definition: Prevent logging of open/closed empty connections (no traffic)

  • Type: enum

  • Default value: Empty connections are logged

Value

Description

enabled

Log for empty connections are ignored

disabled

Empty connections are logged

http-connection-mode

Note

This attribute is ignored if protocol is not set to http.

  • Definition: Defines HTTPkeepalive behavior

  • Type: enum

  • Default value: tunnel

Value

Description

tunnel

Connection header is left untouched and body is ignored.

passive-close

Connection header is changed and body is ignored.

server-close

Connection header set, body scanned, and client-side keep-alive is made possible regardless of server-side capabilities.

forced-close

Connection header set, body scanned, and connection closed.

http-pretend-keepalive

Note

This attribute is ignored if protocol is not set to http.

  • Definition: HTTP keepalive announced to the server regardless keepalive status.

  • Type: enum

  • Default value: disabled

Value

Description

enabled

Keepalive announcements are enabled

disabled

Keepalive announcements are disabled

client-inactivity-timeout

Warning

It is important to set up this parameter; otherwise, HAProxy may run out of connection slots.

  • Definition: Maximum inactivity time on the client side.

  • Type: integer

  • Default value: No timeout

  • Particular value: 0 means no timeout

http-request-timeout

Warning

It is important to set up this parameter; otherwise, HAProxy may run out of connection slots.

Note

This attribute is ignored if protocol is not set to http.

  • Definition: Maximum time to wait for an entire and valid HTTP request (slowlorys protection)

  • Type: integer

  • Default value: no timeout

  • Particular value: 0 means no timeout

max-connections

  • Definition: Maximum simultaneous sessions accepted on this service.

  • Type: integer

  • Default value: No limit

tcpreq-inspect-delay

  • Definition: Set the maximum allowed time to wait for data from the client during content inspection.

  • Type: integer

  • Default value: 0

default-farm

  • Definition: Default farm used to process requests.

  • Type: integer

  • Default value: If there is no default farm, connections are closed.