-
Trung
> Is there a way to know if a JID is black listed in RTBL? good idea
-
moparisthebest
obviously yes, otherwise it'd be useless ?
-
Trung
how ?
-
moparisthebest
https://modules.prosody.im/mod_muc_rtbl
-
moparisthebest
you sha256 hash the jid and see if it's in the list
-
Trung
what's the `curl` command ? or you write xml manually ? or you install Arch ? or what ?
-
moparisthebest
yes
-
Trung
mkay
-
Guus
Do load balancers generally offer functionality for a TCP client to prefer to be serviced by the same server, for successive TCP connections? Something akin to 'sticky sessions'? I'd like consecutive TCP connections for 5222 to end up with the same server in a group of servers.
-
Guus
I'm guessing that source-IP based algorithms are available - but are there other options?
-
jonas’
what other options are there, conceptually, for plain tcp?
-
Guus
magic
-
Guus
(I'm not particularly well versed in these things - I'd rather ask than assume)
-
jonas’
right
-
jonas’
I can't come up with a scheme for _plain tcp_ which would allow stickiness beyond source-IP based bucketing of connections
-
Guus
I was hoping someone here was doing this for XMPP, and share some thoughts.
-
jonas’
for XMPP IIRC you'd have to do at least start TLS before you have an idea about the identity of the connecting entity (@from on the stream header, I think that's only sent post-TLS, if not even only post-auth, for c2s)
-
Guus
Although I appreciate the thought, I kind of want to avoid the theoretical and hope to learn about practical / real-world experience.
-
jonas’
okay :)
-
jonas’
pinging moparisthebest, because if anything, xmpp-proxy seems like the tool which might be able to achieve that.
-
nuegia.net
what's xmpp-proxy?
-
nuegia.net
is it better than haproxy?
-
jonas’
nuegia.net, https://github.com/moparisthebest/xmpp-proxy/
-
nuegia.net
> Do load balancers generally offer functionality for a TCP client to prefer to be serviced by the same server, for successive TCP connections? Something akin to 'sticky sessions'? I'd like consecutive TCP connections for 5222 to end up with the same server in a group of servers. haproxy does ↺
-
nuegia.net
i'm using it to convert ipv4-only clients to my ipv6-only network
-
nuegia.net
jonas’, why proxyprotov1 only? why not proxyprotov2?
-
jonas’
nuegia.net, not my project, no idea, don't care.
-
MattJ
Guus, seconding the recommendation for haproxy if you're looking for this kind of thing. While stickiness options for TCP are limited, I've also managed deployments that use BOSH with cookies for stickiness.
-
Guus
Thanks. Yeah, the web-based connections are a bit more straight-forward. I'm assuming that HA-Proxy uses a source-IP based approach, too (nothing more fancy than the magic that I was hoping to learn about here)?
-
MattJ
Yep, there aren't really many other options in the general case. If there is something specific you want to use instead of source IP, then haproxy can probably do that too (it's very flexible).