Hi Lukas,

Le 19 févr. 2018 23:37, "Lukas Tribus" <lu...@ltri.eu> a écrit :

Hello Baptiste,

On 19 February 2018 at 18:59, Baptiste <bed...@gmail.com> wrote:
> Hi guys,
> While working with consul, I discovered a "false positive" corner case
> triggers a downgrade of the accepted_payload_size.

Is this downgrade at good thing in the first place? Doesn't it hide
configuration and network issues, make troubleshooting more complex
and the haproxy behavior less predictable?

It is an rfc recommendation (rfc number is commented somewhere in the
source code, but I am on a mobile and can't access it).
Its purpose is to hide networking issues when responses has to cross the
internet and behavior is not predictable.
By default, haproxy announces 512 bytes of accepted payload which can be
too low for some use cases. Hence we can also announce acceptance of big
payloads and must provide a failover to a safe value if we never ever
receive any response.

In my case, I received many response for multiple backend and was receiving
nx domains and unfortunately triggered the downgrade to lower accepted

When we see a response with the TC flag set, do we drop it or do we
still consider the DNS response?

Haproxy ignores tc flag for now.
Later, it will have to trigger a failover to tcp.

Also, do any of those code paths set srv_admin_state to 0x60
(combination between SRV_ADMF_RMAINT and SRV_ADMF_HMAINT state)? I'm
thinking about this thread:

I don't think so. It's purely DNS layer.
I will confirm that once I have access to a computer.


Reply via email to