Hi again,
Le 07/06/2013 22:51, Simon Green a écrit :
Hi Cyril,
In the docs you link to you say the default buffer is 8192 but the docs says
16384. Which is correct?
Yes the default buffer size is 16384, but part of it is reserved during
the headers processing state. The reserved size is defined by
tune.maxrewrite. By default, half of the buffer is reserved.
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#tune.maxrewrite
Simon
-----Original Message-----
From: Cyril Bonté [mailto:[email protected]]
Sent: 07 June 2013 19:04
To: Simon Green
Cc: '[email protected]'
Subject: Re: HTTP 502 errors when backend returns 302
Hi Simon,
Le 07/06/2013 18:53, Simon Green a écrit :
Hi List,
We are having a problem that's been making us scratch our heads all
week, and really need some advice on.
I'll start with some relevant background info:
We're running We are running HAProxy 1.5-dev17 2012/12/28.
Here is our HAProxy config: http://paste.wirehive.net/view/aa72de09
Here is a capture of the debug logs showing a 502 happening:
http://paste.wirehive.net/view/21750804
These are the relevant parts of the documentation I can find for this
error: http://paste.wirehive.net/view/d0fcf3ca
Here is an example of a response that comes back from the server when
bypassing the HAProxy install: http://paste.wirehive.net/view/3e6e7297
We've found that a number of different pages give this error, all
using different bits of code, however possibly noteworthy is the
application is Magento Enterprise.
I'd really appreciate some guidance on how I can get some more
detailed error/debug logging out of HAProxy. For example if one of the
headers is invalid, how can I find out which header?
From the response you provided, it is quite normal. Is this really the whole
response ?
Some issues in it :
1. The response is not HTTP compliant, a lot of lines misses a "Set-Cookie:" at
the beginning, this explain one kind of 502 returned by haproxy.
This is not a valid line :
CUSTOMER_SEGMENT_IDS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/;
domain=wwrd.wearefolk.com; httponly
2. "Transfer-Encoding: chunked" without any chunk delimiter ? I hope you just
truncated the response body for the bug report.
3. your response exceeds some limits :
- more than the default 8192 bytes limit, please see tune.bufsize
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#3-tune.bufsize
- too many headers, please see tune.http.maxhdr
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#3-tune.http.maxhdr
As a side note, you should avoid using haproxy in tunnel mode with layer
7 headers manipulation (such as reqadd), try to re-enable "option httpclose" or better "option
http-server-close" (don't forget also to add a "timeout http-keep-alve").
But honestly, you should really fix the application to prevent those many
headers duplications. You'll always have trouble with such responses.
Thanks in advance,
Simon
--
Cyril Bonté
--
Cyril Bonté
