Le 14/06/2017 à 13:07, Vijay Bais a écrit :
On Wed, Jun 14, 2017 at 3:06 PM, Christopher Faulet <[email protected] <mailto:[email protected]>> wrote:Ok, If the problem is still there with a stable release, be sure to have the "send-proxy" directive on your server line (the one which forwards the traffic to haproxy itself). If you have any doubt about your configuration, please, share it.Below are the snippets on haproxy configuration of reverse proxy and load balancer:*On reverse proxy(1.2.3.4):* <snip> defaults log global mode tcp option tcplog listen revproxy :80 server load-balancer 5.6.7.8:80 <http://5.6.7.8:80> send-proxy </snip> *On load balancer(5.6.7.8):* <snip> defaults log global option forwardfor mode http option httplog option httpclose frontend web bind 5.6.7.8:80 <http://5.6.7.8:80> acl revproxy src 1.2.3.4/32 <http://1.2.3.4/32> tcp-request connection expect-proxy layer4 if revproxy default_backend web-backend backend web-backend balance leastconn server node1 11.11.11.11:8080 <http://11.11.11.11:8080> check server node2 22.22.22.22:8080 <http://22.22.22.22:8080> check </snip> Let me know if anything seems incorrect here.
Nothing strange here. In your first message, you said that the error is intermittent. does it means that some HTTP requests are correctly handled and others fail, all coming from 1.2.3.4 through the listener "revproxy" ? With this kind of configuration, all connections from 1.2.3.4 to 5.6.7.8:80 must use the PROXY protocol.
Could you start your 2 instances of haproxy with the debug mode enabled (-d option) to do some requests and provide their outputs and the logs ?
-- Christopher Faulet
