On Thu, Jul 09, 2009 at 04:47:23PM +0200, Jean-Baptiste Quenot wrote: > I could reproduce the issue in a test setup. Haproxy is running on > port 80 and nginx on port 83. The client sends a very long cookie > header value (4104 bytes). I used "tcpdump -s 0 -i lo -w dump port > 83", loaded the dump in wireshark and exported as plain text to > produce a readable output. Everytime I reload the page there are two > HTTP requests, one for "/" and one for "/favicon.ico". After a random > number of reloads, haproxy sends a 502 instead of displaying the 400 > error. I tried with and without option httpclose, it doesn't change > the behavior.
how did you compile your haproxy ? could you run "haproxy -vv" ? That large a cookie might sometimes hit the buffer limit (which by default is 8kB). > Please find attached the TCP packets involved. Could you please send the pcap file instead, it's more readable for me :-) > In the normal "GET /" case, at the end of the request we have: > > nginx: RST, ACK > haproxy: ACK > nginx: RST that's interesting because an RST means that a packet was received for a non-existing connection, typically something which was closed during the transfer. I find it strange that nginx sends you an RST during a transfer, it means it has already closed, which is not really expected (or maybe its request buffer size is close to the request size too). > However in the last "GET /" we have: > > nginx: RST, ACK > haproxy: RST, ACK > > Or maybe I'm misinterpreting the various pieces of information...? I think we will find everything in your trace, we're close to explain what you observe. > Advice from a TCP expert is necessary :-) :-) Regards, Willy
