RE: 502 Bad Gateway

UPPALAPATI, PRAVEEN Tue, 08 May 2018 07:24:29 -0700

Hi Aleks,

Sorry I missed the group.


My Full Config:

#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.3/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
     log 127.0.0.1:514 local0 info alert
     log 127.0.0.1:514 local2 info alert
     maxconn     20000
     user        haproxy
     group       haproxy
     daemon
     nbthread 4
     ssl-server-verify none
    
     tune.ssl.default-dh-param 2048

    

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will 
# use if not designated in their block
#---------------------------------------------------------------------
defaults
   
    log         global
    mode        http
    option dontlognull
    rate-limit sessions 6000
    timeout connect 300000 # default 10 second time out if a backend is not 
found
    timeout client 6600000
    timeout server 6600000
    option http-server-close
    maxconn     20000
    retries     3


listen http_proxy-1000
    bind *:1000 
    mode http
    option httplog
    http-request set-uri https://%[url_param(redirHost)]%[capture.req.uri]
    option http_proxy
#---------------------------------------------------------------------


I also tried :

listen http_proxy-1000
    bind *:1000 ssl crt certs.pem
    mode http
    option httplog
    http-request set-uri https://%[url_param(redirHost)]%[capture.req.uri]
    option http_proxy



HAProxy Version :

//opt/app/haproxy/sbin/haproxy -vv
HA-Proxy version 1.8.4-1deb90d 2018/02/08
Copyright 2000-2018 Willy Tarreau <[email protected]>

Build options :
  TARGET  = linux2628
  CPU     = generic
  CC      = gcc
  CFLAGS  = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv 
-Wno-unused-label
  OPTIONS = USE_LIBCRYPT=1 USE_ZLIB=1 USE_THREAD=1 USE_OPENSSL=1 USE_PCRE=1


Was the acl below helpfull?
Yes and also wanted to know if there is a way to print o/p of : hdr_beg(host) 
for debug purposes

Thanks,
Praveen.

-----Original Message-----
From: Aleksandar Lazic [mailto:[email protected]] 
Sent: Tuesday, May 08, 2018 7:40 AM
To: UPPALAPATI, PRAVEEN <[email protected]>; [email protected]
Subject: Re: 502 Bad Gateway

Hi.

Please post only to the mailing list, thanks.
Please keep the mailinglist in the mail loop => "Answer all".

Am 08.05.2018 um 07:25 schrieb UPPALAPATI, PRAVEEN:
> Hi Haproxy-Team,
> 
> I have the following configuration:
> 
> listen http_proxy-1000
>     bind *:1000 
>     mode http
>     option httplog
>     http-request set-uri 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__-25-5Burl-5Fparam-28redirHost-29-5D-25-5Bcapture.req.uri-5D&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=t6xdq_k-rDqDEV6GmhRRj82gitY4t9bgda30YThyHHs&s=6xIYqpeCV09krEHS_i6n3zf7hYuKGEadSHB9ny25O7g&e=
>  
>     option http_proxy

This isn't the whole config, isn't it?

The 'url_param' does not match the request below, afais.

Please can you answer the following questions.

Which HAProxy Version do you use?
What's the whole HAProxy config?
Was the acl below helpfull?

Regards
Aleks

> If I issue a request to that port :
> 
> https://<haproxyHost>:1000
> /test/test.txt?Host=<desthost>:8093
> 
> I get <BadReq>
> 
> If I add ssl termination to the config:
> 
> listen http_proxy-1000
>     bind *:1000 ssl  test.pem
>     mode http
>     option httplog
>     http-request set-uri 
> https://urldefense.proofpoint.com/v2/url?u=https-3A__-25-5Burl-5Fparam-28redirHost-29-5D-25-5Bcapture.req.uri-5D&d=DwIFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=V0kSKiLhQKpOQLIjj3-g9Q&m=t6xdq_k-rDqDEV6GmhRRj82gitY4t9bgda30YThyHHs&s=6xIYqpeCV09krEHS_i6n3zf7hYuKGEadSHB9ny25O7g&e=
>  
>     option http_proxy
> 
> 
> I get :
> http-9876~ bk_9876/<NOSRV> 0/0/1/-1/2 502 211 - - PH-- 1/1/0/0/0 0/0 "GET 
> /test/test.txt?idnsredirHost=<destinationhost>:5300 HTTP/1.1"
> 
> I have also set :
> 
> ssl-server-verify none
> 
> @global still no luck.
> 
> Let me know if I am missing anything .
> 
> Thanks,
> Praveen.
> 
> 
> -----Original Message-----
> From: Aleksandar Lazic [mailto:[email protected]] 
> Sent: Tuesday, May 01, 2018 7:22 AM
> To: UPPALAPATI, PRAVEEN <[email protected]>; Willy Tarreau <[email protected]>
> Cc: Olivier Houchard <[email protected]>; [email protected]
> Subject: Re: Logging Question
> 
> Hi.
> 
> Am 30.04.2018 um 19:05 schrieb UPPALAPATI, PRAVEEN:
>>
>> Hi Willy/Oliver,
>>
>> One small question:
>>
>> When I capture the header it's returning xxxx.com in the log but when I 
>> perform Get on xxxx.com:1000 it is not matching the following configuration.
>>
>> frontend http-1000
>>     bind *:1000 
>>     option httplog
>>     capture request header Host len 20
>>     acl is_east hdr(host) -i xxxx.com 
> 
> Maybe this helps?
> 
> acl is_east hdr_beg(host) -i xxxx.com
> 
>>     use_backend east_bk_1000_read if is_east
>>
>> My question is how can I print o/p of hdr(host) & is_east  to log?
>>
>> Appreciate your help.
>>
>> Thanks,
>> Praveen.
> 
> Regards
> Aleks
>

RE: 502 Bad Gateway

Reply via email to