I have a setup witg 5 HAProxy v1.8.14-52e4d43, using replicated one
replicated sticky table. This is the relevant config:

peers cluster_hap
    peer afrodite
    peer artemis
    peer atena
    peer demeter
    peer minerva

frontend https
    bind *:443 tfo ssl crt /etc/haproxy/certs/xxx.pem alpn h2,http/1.1

    acl local_ips src

    stick-table type ip size 1000 expire 10s store conn_cur peers
    tcp-request connection track-sc0 src
    tcp-request connection accept if local_ips
    tcp-request connection reject if { src_conn_cur gt 100 }
    tcp-request connection accept
    tcp-request inspect-delay 1s
    tcp-request content accept if local_ips
    tcp-request content accept if { src_conn_cur le 20 }
    tcp-request content accept if WAIT_END

This works fine most of the time, but every now and then, when I check the
stick table contents, one or more IPs show up with an absurd number of
cunn_cur - Often around 4 Billion entries - A number very close to
the 32-bit unsigned int data type limit.

[image: image.png]

Feels like a bug, but I am not sure how to report it, or if I am doing
something wrong in my setup, can you please advise?


Reply via email to