Hello,

I have a setup witg 5 HAProxy v1.8.14-52e4d43, using replicated one
replicated sticky table. This is the relevant config:


peers cluster_hap
    peer afrodite 10.0.0.2:7600
    peer artemis 10.0.0.3:7600
    peer atena    10.0.0.4:7600
    peer demeter  10.0.0.5:7600
    peer minerva  10.0.0.6:7600

frontend https
    bind *:443 tfo ssl crt /etc/haproxy/certs/xxx.pem alpn h2,http/1.1

    acl local_ips src 172.17.0.0/16

    stick-table type ip size 1000 expire 10s store conn_cur peers
cluster_hap
    tcp-request connection track-sc0 src
    tcp-request connection accept if local_ips
    tcp-request connection reject if { src_conn_cur gt 100 }
    tcp-request connection accept
    tcp-request inspect-delay 1s
    tcp-request content accept if local_ips
    tcp-request content accept if { src_conn_cur le 20 }
    tcp-request content accept if WAIT_END


This works fine most of the time, but every now and then, when I check the
stick table contents, one or more IPs show up with an absurd number of
cunn_cur - Often around 4 Billion entries - A number very close to
the 32-bit unsigned int data type limit.

[image: image.png]

Feels like a bug, but I am not sure how to report it, or if I am doing
something wrong in my setup, can you please advise?


BR.,
Emerson

Reply via email to