On Fri, Oct 05, 2012 at 05:01:39PM -0700, Jesper Noehr wrote: > >> I realize 1.5-dev12 has SSL support, but this is quite > >> recent, so we're using the stud->haproxy setup still. > > > > I understand :-) There are some brave users anyway who helped us spot > > a number of issues, but we're not finding that many bugs anymore. > > We'd love to have SSL termination inside haproxy for all our needs; > less moving parts makes these things a lot easier!
well, we intend to use the upcoming -dev13 in our next aloha LB appliance, so you can expect that we're doing our best to ensure it will be rock solid :-) > I can reproduce this on a fairly consistent basis on a Windows laptop > we have sitting around. It fails less often on linux/OSX, if at all. > We haven't been able to reproduce it on those systems, and we haven't > had any reports from customers either, although they could've just > never reported it. That's very possible. Everytime I take network traces on a production system, I ask myself how the hell people don't complain! > Is there anything else you can think of? I'm almost willing to try > anything at this point. If you can easily reproduce it with this laptop, it would be interesting to test it on the LAN and over the net (eg: ADSL line) to see the effect of latency. I'd really bet it's only a timing issue during some operation. You can also sniff the traffic between this laptop and stud, we might already notice something strange once you isolate a faulty session from haproxy's logs. Willy
