Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / efde955bdb7b7479267cfcd823cce26bb3f5c4d3 / . / include / common / defaults.h
blob: aeddb0108e86f241787c9047e4b1a4c037d502fc [file] [log] [blame]
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]1/*
Willy Tarreaudeb9ed82010-01-03 21:03:22 +0100[diff] [blame]2 * include/common/defaults.h
3 * Miscellaneous default values.
4 *
5 * Copyright (C) 2000-2010 Willy Tarreau - w@1wt.eu
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation, version 2.1
10 * exclusively.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20 */
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]21
Willy Tarreau2dd0d472006-06-29 17:53:05 +0200[diff] [blame]22#ifndef _COMMON_DEFAULTS_H
23#define _COMMON_DEFAULTS_H
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]24
Willy Tarreauff9c9142019-02-07 10:39:36 +0100[diff] [blame]25/* MAX_PROCS defines the highest limit for the global "nbproc" value. It
26 * defaults to the number of bits in a long integer but may be lowered to save
27 * resources on embedded systems.
28 */
29#ifndef MAX_PROCS
30#define MAX_PROCS LONGBITS
31#endif
32
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]33/*
34 * BUFSIZE defines the size of a read and write buffer. It is the maximum
Willy Tarreau87b09662015-04-03 00:22:06 +0200[diff] [blame]35 * amount of bytes which can be stored by the proxy for each stream. However,
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]36 * when reading HTTP headers, the proxy needs some spare space to add or rewrite
37 * headers if needed. The size of this spare is defined with MAXREWRITE. So it
38 * is not possible to process headers longer than BUFSIZE-MAXREWRITE bytes. By
Willy Tarreau27097842015-09-28 13:53:23 +0200[diff] [blame]39 * default, BUFSIZE=16384 bytes and MAXREWRITE=min(1024,BUFSIZE/2), so the
40 * maximum length of headers accepted is 15360 bytes.
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]41 */
42#ifndef BUFSIZE
43#define BUFSIZE 16384
44#endif
45
Willy Tarreaua24adf02014-11-27 01:11:56 +0100[diff] [blame]46/* certain buffers may only be allocated for responses in order to avoid
47 * deadlocks caused by request queuing. 2 buffers is the absolute minimum
48 * acceptable to ensure that a request gaining access to a server can get
49 * a response buffer even if it doesn't completely flush the request buffer.
50 * The worst case is an applet making use of a request buffer that cannot
51 * completely be sent while the server starts to respond, and all unreserved
52 * buffers are allocated by request buffers from pending connections in the
53 * queue waiting for this one to flush. Both buffers reserved buffers may
54 * thus be used at the same time.
55 */
56#ifndef RESERVED_BUFS
57#define RESERVED_BUFS 2
58#endif
59
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]60// reserved buffer space for header rewriting
61#ifndef MAXREWRITE
Willy Tarreau27097842015-09-28 13:53:23 +0200[diff] [blame]62#define MAXREWRITE 1024
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]63#endif
64
Willy Tarreaubf43f6e2013-06-03 15:52:52 +0200[diff] [blame]65#ifndef REQURI_LEN
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]66#define REQURI_LEN 1024
Willy Tarreaubf43f6e2013-06-03 15:52:52 +0200[diff] [blame]67#endif
68
69#ifndef CAPTURE_LEN
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]70#define CAPTURE_LEN 64
Willy Tarreaubf43f6e2013-06-03 15:52:52 +0200[diff] [blame]71#endif
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]72
Willy Tarreau4e957902014-06-27 18:08:49 +0200[diff] [blame]73#ifndef MAX_SYSLOG_LEN
74#define MAX_SYSLOG_LEN 1024
75#endif
76
Krzysztof Piotr Oledzkie6bbd742007-11-01 00:33:12 +0100[diff] [blame]77// maximum line size when parsing config
78#ifndef LINESIZE
79#define LINESIZE 2048
80#endif
81
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]82// max # args on a configuration line
Krzysztof Piotr Oledzkie6bbd742007-11-01 00:33:12 +0100[diff] [blame]83#define MAX_LINE_ARGS 64
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]84
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]85// maximum line size when parsing crt-bind-list config
86#define CRT_LINESIZE 65536
87
88// max # args on crt-bind-list configuration line
89#define MAX_CRT_ARGS 2048
Emmanuel Hocdet5e0e6e42016-05-13 11:18:50 +0200[diff] [blame]90
Willy Tarreau5ca791d2009-08-16 19:06:42 +0200[diff] [blame]91// max # args on a stats socket
Willy Tarreau47060b62013-08-01 21:11:42 +0200[diff] [blame]92// This should cover at least 5 + twice the # of data_types
93#define MAX_STATS_ARGS 64
Krzysztof Piotr Oledzki2c6962c2008-03-02 02:42:14 +0100[diff] [blame]94
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]95// max # of matches per regexp
96#define MAX_MATCH 10
97
Willy Tarreaue5f20dc2006-12-03 15:21:35 +0100[diff] [blame]98// max # of headers in one HTTP request or response
Willy Tarreauac1932d2011-10-24 19:14:41 +0200[diff] [blame]99// By default, about 100 headers (+1 for the first line)
Willy Tarreaue5f20dc2006-12-03 15:21:35 +0100[diff] [blame]100#ifndef MAX_HTTP_HDR
Willy Tarreauac1932d2011-10-24 19:14:41 +0200[diff] [blame]101#define MAX_HTTP_HDR 101
Willy Tarreaue5f20dc2006-12-03 15:21:35 +0100[diff] [blame]102#endif
103
Willy Tarreaubce70882009-09-07 11:51:47 +0200[diff] [blame]104// max # of headers in history when looking for header #-X
105#ifndef MAX_HDR_HISTORY
106#define MAX_HDR_HISTORY 10
107#endif
108
Willy Tarreaub4c84932013-07-23 19:15:30 +0200[diff] [blame]109// max # of stick counters per session (at least 3 for sc0..sc2)
Willy Tarreaub4c84932013-07-23 19:15:30 +0200[diff] [blame]110#ifndef MAX_SESS_STKCTR
111#define MAX_SESS_STKCTR 3
112#endif
113
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +0500[diff] [blame]114// max # of extra stick-table data types that can be registered at runtime
Willy Tarreauedee1d62014-07-15 16:44:27 +0200[diff] [blame]115#ifndef STKTABLE_EXTRA_DATA_TYPES
116#define STKTABLE_EXTRA_DATA_TYPES 0
117#endif
118
Adis Nezirovic1a693fc2020-01-16 15:19:29 +0100[diff] [blame]119// max # of stick-table filter entries that can be used during dump
120#ifndef STKTABLE_FILTER_LEN
121#define STKTABLE_FILTER_LEN 4
122#endif
123
Willy Tarreaub8949f12007-03-23 22:39:59 +0100[diff] [blame]124// max # of loops we can perform around a read() which succeeds.
125// It's very frequent that the system returns a few TCP segments at a time.
126#ifndef MAX_READ_POLL_LOOPS
127#define MAX_READ_POLL_LOOPS 4
128#endif
129
Willy Tarreau6f4a82c2009-03-21 20:43:57 +0100[diff] [blame]130// minimum number of bytes read at once above which we don't try to read
131// more, in order not to risk facing an EAGAIN. Most often, if we read
132// at least 10 kB, we can consider that the system has tried to read a
133// full buffer and got multiple segments (>1 MSS for jumbo frames, >7 MSS
134// for normal frames) did not bother truncating the last segment.
135#ifndef MIN_RECV_AT_ONCE_ENOUGH
136#define MIN_RECV_AT_ONCE_ENOUGH (7*1448)
137#endif
138
Willy Tarreau14acc702011-05-11 20:47:24 +0200[diff] [blame]139// The minimum number of bytes to be forwarded that is worth trying to splice.
140// Below 4kB, it's not worth allocating pipes nor pretending to zero-copy.
141#ifndef MIN_SPLICE_FORWARD
142#define MIN_SPLICE_FORWARD 4096
143#endif
144
Willy Tarreau1db37712007-06-03 17:16:49 +0200[diff] [blame]145// the max number of events returned in one call to poll/epoll. Too small a
146// value will cause lots of calls, and too high a value may cause high latency.
147#ifndef MAX_POLL_EVENTS
148#define MAX_POLL_EVENTS 200
149#endif
150
Olivier Houchard1599b802018-05-24 18:59:04 +0200[diff] [blame]151// the max number of tasks to run at once
152#ifndef RUNQUEUE_DEPTH
153#define RUNQUEUE_DEPTH 200
154#endif
155
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +0500[diff] [blame]156// cookie delimiter in "prefix" mode. This character is inserted between the
Lukas Tribus23953682017-04-28 13:24:30 +0000[diff] [blame]157// persistence cookie and the original value. The '~' is allowed by RFC6265,
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]158// and should not be too common in server names.
159#ifndef COOKIE_DELIM
160#define COOKIE_DELIM '~'
161#endif
162
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +0500[diff] [blame]163// this delimiter is used between a server's name and a last visit date in
Willy Tarreaubca99692010-10-06 19:25:55 +0200[diff] [blame]164// cookies exchanged with the client.
165#ifndef COOKIE_DELIM_DATE
166#define COOKIE_DELIM_DATE '|'
167#endif
168
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]169#define CONN_RETRIES 3
170
171#define CHK_CONNTIME 2000
172#define DEF_CHKINTR 2000
Pieter Baauw46af1702016-02-12 14:35:20 +0100[diff] [blame]173#define DEF_MAILALERTTIME 10000
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]174#define DEF_FALLTIME 3
175#define DEF_RISETIME 2
Simon Horman58c32972013-11-25 10:46:38 +0900[diff] [blame]176#define DEF_AGENT_FALLTIME 1
177#define DEF_AGENT_RISETIME 1
Simon Horman98637e52014-06-20 12:30:16 +0900[diff] [blame]178#define DEF_CHECK_PATH ""
Christopher Faulet33f05df2020-04-01 11:08:50 +0200[diff] [blame]179
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]180
Krzysztof Piotr Oledzki97f07b82009-12-15 22:31:24 +0100[diff] [blame]181#define DEF_HANA_ONERR HANA_ONERR_FAILCHK
182#define DEF_HANA_ERRLIMIT 10
183
Ross Westaf72a1d2008-08-03 10:51:45 +0200[diff] [blame]184// X-Forwarded-For header default
185#define DEF_XFORWARDFOR_HDR "X-Forwarded-For"
186
Maik Broemme2850cb42009-04-17 18:53:21 +0200[diff] [blame]187// X-Original-To header default
188#define DEF_XORIGINALTO_HDR "X-Original-To"
189
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]190/* Default connections limit.
191 *
192 * A system limit can be enforced at build time in order to avoid using haproxy
193 * beyond reasonable system limits. For this, just define SYSTEM_MAXCONN to the
194 * absolute limit accepted by the system. If the configuration specifies a
195 * higher value, it will be capped to SYSTEM_MAXCONN and a warning will be
196 * emitted. The only way to override this limit will be to set it via the
Willy Tarreaudf23c0c2019-03-13 10:10:49 +0100[diff] [blame]197 * command-line '-n' argument. If SYSTEM_MAXCONN is not set, a minimum value
198 * of 100 will be used for DEFAULT_MAXCONN which almost guarantees that a
199 * process will correctly start in any situation.
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]200 */
Willy Tarreauca783d42019-03-13 10:03:07 +0100[diff] [blame]201#ifdef SYSTEM_MAXCONN
Willy Tarreauc9fe4562009-06-15 16:33:36 +0200[diff] [blame]202#undef DEFAULT_MAXCONN
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]203#define DEFAULT_MAXCONN SYSTEM_MAXCONN
Willy Tarreaudf23c0c2019-03-13 10:10:49 +0100[diff] [blame]204#elif !defined(DEFAULT_MAXCONN)
205#define DEFAULT_MAXCONN 100
Willy Tarreaubaaee002006-06-26 02:48:02 +0200[diff] [blame]206#endif
207
Willy Tarreau2c43a1e2007-10-14 23:05:39 +0200[diff] [blame]208/* Minimum check interval for spread health checks. Servers with intervals
209 * greater than or equal to this value will have their checks spread apart
210 * and will be considered when searching the minimal interval.
211 * Others will be ignored for the minimal interval and will have their checks
212 * scheduled on a different basis.
213 */
214#ifndef SRV_CHK_INTER_THRES
215#define SRV_CHK_INTER_THRES 1000
216#endif
217
Krzysztof Oledzkid9db9272007-10-15 10:05:11 +0200[diff] [blame]218/* Specifies the string used to report the version and release date on the
219 * statistics page. May be defined to the empty string ("") to permanently
220 * disable the feature.
221 */
222#ifndef STATS_VERSION_STRING
223#define STATS_VERSION_STRING " version " HAPROXY_VERSION ", released " HAPROXY_DATE
224#endif
225
Willy Tarreau8f38bd02009-05-10 08:53:33 +0200[diff] [blame]226/* Maximum signal queue size, and also number of different signals we can
227 * handle.
228 */
229#ifndef MAX_SIGNAL
230#define MAX_SIGNAL 256
231#endif
232
Willy Tarreau3ad6a762009-08-16 10:08:02 +0200[diff] [blame]233/* Maximum host name length */
234#ifndef MAX_HOSTNAME_LEN
Willy Tarreau75abcb32015-01-14 11:48:58 +0100[diff] [blame]235#if MAXHOSTNAMELEN
236#define MAX_HOSTNAME_LEN MAXHOSTNAMELEN
237#else
238#define MAX_HOSTNAME_LEN 64
239#endif // MAXHOSTNAMELEN
240#endif // MAX_HOSTNAME_LEN
Willy Tarreau3ad6a762009-08-16 10:08:02 +0200[diff] [blame]241
Krzysztof Piotr Oledzkif7089f52009-10-10 21:06:49 +0200[diff] [blame]242/* Maximum health check description length */
243#ifndef HCHK_DESC_LEN
244#define HCHK_DESC_LEN 128
245#endif
246
Emeric Brun76d88952012-10-05 15:47:31 +0200[diff] [blame]247/* ciphers used as defaults on connect */
248#ifndef CONNECT_DEFAULT_CIPHERS
249#define CONNECT_DEFAULT_CIPHERS NULL
250#endif
251
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]252/* ciphers used as defaults on TLS 1.3 connect */
253#ifndef CONNECT_DEFAULT_CIPHERSUITES
254#define CONNECT_DEFAULT_CIPHERSUITES NULL
255#endif
256
Emeric Brun76d88952012-10-05 15:47:31 +0200[diff] [blame]257/* ciphers used as defaults on listeners */
258#ifndef LISTEN_DEFAULT_CIPHERS
259#define LISTEN_DEFAULT_CIPHERS NULL
260#endif
261
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]262/* cipher suites used as defaults on TLS 1.3 listeners */
263#ifndef LISTEN_DEFAULT_CIPHERSUITES
264#define LISTEN_DEFAULT_CIPHERSUITES NULL
265#endif
266
Emeric Brun6924ef82013-03-06 14:08:53 +0100[diff] [blame]267/* named curve used as defaults for ECDHE ciphers */
268#ifndef ECDHE_DEFAULT_CURVE
269#define ECDHE_DEFAULT_CURVE "prime256v1"
270#endif
271
Emeric Brun46635772012-11-14 11:32:56 +0100[diff] [blame]272/* ssl cache size */
273#ifndef SSLCACHESIZE
274#define SSLCACHESIZE 20000
275#endif
276
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]277/* ssl max dh param size */
278#ifndef SSL_DEFAULT_DH_PARAM
279#define SSL_DEFAULT_DH_PARAM 0
280#endif
281
Willy Tarreaud92aa5c2015-01-15 21:34:39 +0100[diff] [blame]282/* max memory cost per SSL session */
283#ifndef SSL_SESSION_MAX_COST
284#define SSL_SESSION_MAX_COST (16*1024) // measured
285#endif
286
287/* max memory cost per SSL handshake (on top of session) */
288#ifndef SSL_HANDSHAKE_MAX_COST
289#define SSL_HANDSHAKE_MAX_COST (76*1024) // measured
290#endif
Willy Tarreaud0256482015-01-15 21:45:22 +0100[diff] [blame]291
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]292#ifndef DEFAULT_SSL_CTX_CACHE
293#define DEFAULT_SSL_CTX_CACHE 1000
294#endif
295
Willy Tarreau87b09662015-04-03 00:22:06 +0200[diff] [blame]296/* approximate stream size (for maxconn estimate) */
297#ifndef STREAM_MAX_COST
298#define STREAM_MAX_COST (sizeof(struct stream) + \
Willy Tarreaud0256482015-01-15 21:45:22 +0100[diff] [blame]299 2 * sizeof(struct channel) + \
300 2 * sizeof(struct connection) + \
Stéphane Cottin23e9e932017-05-18 08:58:41 +0200[diff] [blame]301 global.tune.requri_len + \
Willy Tarreaud0256482015-01-15 21:45:22 +0100[diff] [blame]302 2 * global.tune.cookie_len)
303#endif
304
305/* available memory estimate : count about 3% of overhead in various structures */
306#ifndef MEM_USABLE_RATIO
307#define MEM_USABLE_RATIO 0.97
Willy Tarreaud92aa5c2015-01-15 21:34:39 +0100[diff] [blame]308#endif
309
Willy Tarreau3bc4e8b2020-05-09 09:02:35 +0200[diff] [blame]310/* default per-thread pool cache size when enabled */
311#ifndef CONFIG_HAP_POOL_CACHE_SIZE
312#define CONFIG_HAP_POOL_CACHE_SIZE 524288
313#endif
314
Willy Tarreau4bfc5802014-06-17 12:19:18 +0200[diff] [blame]315/* Number of samples used to compute the times reported in stats. A power of
316 * two is highly recommended, and this value multiplied by the largest response
317 * time must not overflow and unsigned int. See freq_ctr.h for more information.
318 * We consider that values are accurate to 95% with two batches of samples below,
319 * so in order to advertise accurate times across 1k samples, we effectively
320 * measure over 512.
321 */
322#ifndef TIME_STATS_SAMPLES
323#define TIME_STATS_SAMPLES 512
324#endif
325
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]326/* max ocsp cert id asn1 encoded length */
327#ifndef OCSP_MAX_CERTID_ASN1_LENGTH
328#define OCSP_MAX_CERTID_ASN1_LENGTH 128
329#endif
330
Emeric Brunc8b27b62014-06-19 14:16:17 +0200[diff] [blame]331#ifndef OCSP_MAX_RESPONSE_TIME_SKEW
332#define OCSP_MAX_RESPONSE_TIME_SKEW 300
333#endif
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]334
335/* Number of TLS tickets to check, used for rotation */
336#ifndef TLS_TICKETS_NO
337#define TLS_TICKETS_NO 3
338#endif
Willy Tarreauf3045d22015-04-29 16:24:50 +0200[diff] [blame]339
340/* pattern lookup default cache size, in number of entries :
341 * 10k entries at 10k req/s mean 1% risk of a collision after 60 years, that's
342 * already much less than the memory's reliability in most machines and more
343 * durable than most admin's life expectancy. A collision will result in a
344 * valid result to be returned for a different entry from the same list.
345 */
346#ifndef DEFAULT_PAT_LRU_SIZE
347#define DEFAULT_PAT_LRU_SIZE 10000
348#endif
349
Willy Tarreau2dd0d472006-06-29 17:53:05 +0200[diff] [blame]350#endif /* _COMMON_DEFAULTS_H */