Hi David, I'm kind of amazed that we have both the same problem ( http://www.formilux.org/archives/haproxy/1103/4397.html ) in almost the same circumstances, and we both asked for help at the same time :)
I too am performing LB between proxies. The issue with ICY is also in Squid. You need the upgrade_http0.9 ( http://www.squid-cache.org/Doc/config/upgrade_http0.9/ ) option. But this one works only with Squid 2.7 and 3.1, not with 3.0. I myself have a 3.0 for the main Squid, so I thought I would balance it with Haproxy (elegant solution) to a Squid 3.1. If I try streaming directly on the 3.1 Squid, it will work, but through Haproxy it will fail. It will work through Haproxy if you enable mode tcp. Now, I see you have enabled mode tcp in frontend, but you didn't do this for the backend aswell. You also have a mode http in the defaults section, so if you don't explicitly specify it in the backend, it will get the default-specified mode (http in your case). so: mode tcp in backend and you're ok. I myself have another issue, I cannot send the requests for ICY/radio streaming through my second squid because I don't have any relevant options to use in ACLs, so all requests are sent to the default_backend. -----Original Message----- From: David Young [ Sent: Thursday 10, March 03, 2011 4:36 To: [email protected] Subject: How to deal with proxying shoutcast / ICY protocol Hi folks, First-time poster here - we've been working on implementing haproxy to perform load balancing between our backend squid proxies. I stumbled across an issue today when I realized that I can't listen to streaming radio via my haproxy instance, but that it works fine if I direct my request to one of by backend proxies directly. A bit of searching lead me to the issue of HTTP/1.1 vs ICY as the probable cause (http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html#ss2.10). I thought that if I configured haproxy in "mode tcp" instead of "mode http", that it'd behave more like a simple loadbalancer, and just pass the request onto my squid backend verbatim, but that doesn't seem to have worked either. An example URL I'm having trouble with is http://66.225.205.47/;stream.mp3 Even in "mode tcp", if I request that URL through by browser from haproxy, I get a 502 error, whereas if I requested it directly from the backend squid instance which services my request anyway, I get the expected headers and stream. I thought I'd try telnetting to the haproxy / squid ports respectively, to test, and I received differing output (below). Can anybody enlighten me? Many thanks, David -- Relevant haproxy.cfg -- #--------------------------------------------------------------------- # Global settings #--------------------------------------------------------------------- global log 127.0.0.1 local2 log /dev/log local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon #--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will # use if not designated in their block #--------------------------------------------------------------------- defaults mode http log global option dontlognull option http-server-close option httplog # Log on start of connection, not completion option logasap # log errors separately option log-separate-errors option forwardfor option redispatch timeout connect 10000 # default 10 second time out if a backend is not found timeout client 300000 timeout server 300000 maxconn 60000 retries 3 #--------------------------------------------------------------------- # main frontend which proxys to the backends #--------------------------------------------------------------------- frontend test_frontend *:5001 mode tcp option tcpka default_backend test_backend backend test_backend balance roundrobin server localhost localhost:3128 -- Telnet to haproxy infront of single squid tcp backend -- DavidBook:~ davidy$ telnet webscan-dev.blahblah.net 5001 Trying x.x.x.x... Connected to webscan-dev.blahblah.net. Escape character is '^]'. GET http://66.225.205.47/;stream.mp3 HTTP/1.0 502 Bad Gateway Cache-Control: no-cache Connection: close Content-Type: text/html <html><body><h1>502 Bad Gateway</h1> The server returned an invalid or incomplete response. </body></html> Connection closed by foreign host. DavidBook:~ davidy$ -- Telnet to squid directly -- DavidBook:~ davidy$ telnet webscan-dev.blahblah.net 3128 Trying x.x.x.x... Connected to webscan-dev.blahblah.net. Escape character is '^]'. GET http://66.225.205.47/;stream.mp3 ICY 200 OK Date: Thu, 10 Mar 2011 02:25:55 GMT icy-notice1: <BR>This stream requires <a href="http://www.winamp.com/";>Winamp</a><BR> icy-notice2: SHOUTcast Distributed Network Audio Server/Linux v1.9.8<BR> icy-name: Family Friendly WBGL icy-genre: Contemporary Christian icy-url: http://www.wbgl.org Content-Type: audio/mpeg icy-pub: 1 icy-br: 96 X-Cache: MISS from webscan-dev.blahblah.net X-Cache-Lookup: MISS from webscan-dev.blahblah.net:3128 Via: 0.0 webscan-dev.blahblah.net (squid/3.1.11) Connection: close 00/Ȯt?????sƸD?,?4A?Q`F??BA????B??@(???u??kTC??????? <binary stream continues...> The information contained herein is intended for its addressee(s) only and it is privileged or otherwise confidential. Any unauthorized distribution, amendment or disclosure hereof is strictly forbidden by the law. Please find complete and translated versions at http://www.rompetrol.com/disclaimer.html
