You probably don't want net.ipv4.tcp_tw_recycle = 1 when your clients are behind NAT/CGN boxes.
If you have troubles with source port exhaustion, refer to the article Baptiste wrote: http://blog.exceliance.fr/2012/12/12/haproxy-high-mysql-request-rate-and-tcp-source-port-exhaustion/ Lukas
