On 6 February 2012 19:19, Jonathan Bond-Caron <[email protected]> wrote: > frontend gde_mtl *:80 > acl host_static hdr_end(host) mvdd.net > use_backend static if host_static > default_backend dynamic > > If it possible for hdr_end(host) to fail for some reason? We have odd cases > (1%) where that rule isn’t matched.
I wouldn't be surprised to find it's some client out there appending the port to the host header. e.g. "Host: www.google.com:8080". Curl does this, for instance, when a request goes over a non-standard port. Alternatively, it might be random web traffic (malicious or incorrectly targeted) hitting you. Have you verified the requests are what you expect, and not collateral/drive-by traffic? Perhaps you might look at using "hdr_dom", which (I assume; untested) does the job of decomposing the header value into dot (and colon?) separated chunks for you. > Could it be that a proxy rewrites the host header? Well, you tell us! It kind of depends on what proxies you actually *have* in front of HAProxy :-) If instead you mean "random caching transparent web proxies" that a user might be going through unawares, then it's possible. I suggest one would be rather broken if it changed important headers like "Host"; however it's not inconceivable. > Could someone explain the difference between ‘hdr_end’ and ‘shdr_end’? The fine manual already explains the difference between these. One is for checking request headers and the other is for checking response headers. Cheers, Jonathan -- Jonathan Matthews London and Oxford, UK http://www.jpluscplusm.com/contact.html
