The <NOSRV> in the logs you posted, means that haproxy doesn't believe there is a server available on the backend to fulfull the request.
The first request hits the bk_remail_cert backend, but the next two requests don't, my guess is that the requests don't match your "use_backend" requirements, and you don't have a default_backend set for the request to fall through. thus, the <NOSRV> logs. On Wed, Aug 12, 2015 at 10:58 PM, Roman Gelfand <[email protected]> wrote: > I am not seeing a response to the following post. The apache backend server > show now trace of the post request, below. > > Aug 12 22:43:43 localhost haproxy[15606]: 38.105.236.253:59539 > [12/Aug/2015:22:43:12.935] farm_test_ssl~ bk_remail_cert/remail > 26582/0/1/3530/30113 200 1229 - - ---- 1/1/0/0/0 0/0 "POST > /services/ajax.php/imp/poll HTTP/1.1" > Aug 12 22:43:44 localhost haproxy[15606]: 107.107.59.175:29935 > [12/Aug/2015:22:43:44.289] farm_test_ssl~ farm_test_ssl/<NOSRV> > -1/-1/-1/-1/86 503 212 - - SC-- 1/1/0/0/0 0/0 "POST > /Microsoft-Server-ActiveSync?Cmd=Sync&User=ruser%40mydomain.com&DeviceId=SEC15CCC18A02315&DeviceType=SAMSUNGSMG900A > HTTP/1.1" > Aug 12 22:43:57 localhost haproxy[15606]: 107.107.59.175:17798 > [12/Aug/2015:22:43:57.550] farm_test_ssl~ farm_test_ssl/<NOSRV> > -1/-1/-1/-1/88 503 212 - - SC-- 1/1/0/0/0 0/0 "POST > /Microsoft-Server-ActiveSync?Cmd=Sync&User=ruser%40mydomain.com&DeviceId=SEC15CCC18A02315&DeviceType=SAMSUNGSMG900A > HTTP/1.1" > > > this is the front-end back-end configuration > > frontend farm_test_ssl > mode http > bind 0.0.0.0:443 ssl crt crt /etc/ssl/certs/remail.pem > use_backend bk_remail_cert if { ssl_fc_sni remail.mydomain.com } # content > switching based on SNI > > backend bk_remail_cert > mode http > server remail 192.168.8.166:80 check > http-request set-header X-Forwarded-Proto https if { ssl_fc } > > > > On Wed, Aug 12, 2015 at 5:12 PM Jeff Palmer <[email protected]> wrote: >> >> Describing the issues you think it's causing fire haproxy would also be >> helpful. >> >> On Aug 12, 2015 4:37 PM, "Baptiste" <[email protected]> wrote: >>> >>> On Wed, Aug 12, 2015 at 6:34 PM, Roman Gelfand <[email protected]> >>> wrote: >>> > Why would the following apache directives cause problems for haproxy. >>> > >>> > RewriteRule ^/Microsoft-Server-ActiveSync /rpc.php >>> > [PT,L,QSA] >>> > RewriteRule .* - >>> > [E=HTTP_MS_ASPROTOCOLVERSION:%{HTTP:Ms-Asprotocolversion}] >>> > RewriteRule .* - >>> > [E=HTTP_X_MS_POLICYKEY:%{HTTP:X-Ms-Policykey}] >>> > RewriteRule .* - >>> > [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] >>> > >>> > Thanks in advance >>> >>> >>> First, you say 'hi' >>> >>> Second, you explain your problem and whayt those apache rules are >>> supposed to do, what type of application are they applied to and how >>> this application is supposed to work. >>> >>> Without a bit of context, it is impossible to help! >>> >>> Baptiste >>> > -- Jeff Palmer https://PalmerIT.net
