Hello, We're running 1.5-dev19 2013/06/17 and running ssh connections through haproxy in mode tcp.
Recently we ran into a problem where we had a lot of client connections to haproxy sitting around in FIN_WAIT2 and the corresponding connections to the backend in in CLOSE_WAIT. It appears that our backend has closed the connections but the socket isn't being shudown by the client, and haproxy is holding the connection to the backend open until the client connection is shut down. Those sockets eventually prevented us from accepting new connections, the sockets that are in the CLOSE_WAIT state count against maxconn. Once the connection reaches the client timeout haproxy closes the connection to the backend and the socket in CLOSE_WAIT goes away. We're on linux and have have tried setting tcp_fin_timeout, hoping that it would shutdown the connections in FIN_WAIT2 and in turn shutdown the sockets in CLOSE_WAIT. The tcp_fin_timeout value doesn't seem to have an effect -- it's currently set to 30 seconds, but socket in FIN_WAIT2 linger beyond that. Is there anyway besides the client timeout (which impacts all client interactions, not just close) to get the backend connections int mode tcp freed up sooner? Thanks, Chris
