Hey, So I was tweaking some haproxy rules and ran into something I found a little odd.
I added the following to one of my front ends. acl abuse_users src -f /etc/haproxy/abuse_users.lst timeout http-request 5s if abuse_users My belief was the 5s timeout would ONLY apply to IPs in the abuse_users ACL. However, we observed this effecting a number of users receiving 408 errors that are not in the list. So, it appears the 'timeout http-request 5s' was being enforced on all users regardless of the 'if abuse_users'. HAProxy also had logs indicating the 408 errors were a result of a 5s timeout This is the only 5s timeout in the config. (assuming there are no defaults that could do this) Also, I believe there was a secondary issue (which is the really odd part). The 408 errors were received by the end user nearly instantly when a request was made (<100ms after start). I have a have a feeling my keep alive is longer (or can be longer) than the http-request timeout. I have no idea what to make of this part. I also just upgraded to 1.5-dev25 last week so this may be a bug in the dev branch. I was wondering if anyone had any thoughts, comments or suggestions about this? Thanks in advance, Adam
