Hi, all
HAProxy 1.8.17 on Ubuntu 18.04.
The relevant configuration is trivial:
frontend AAAA
mode http
option httplog
bind 1.2.3.4:443 name HTTPS ssl crt /etc/ssl/private/full.pem
ssl-min-ver TLSv1.2 alpn h2,http/1.1
timeout client 1m
use_backend onboard
backend onboard
mode http
timeout connect 10s
timeout server 1m
source 1.2.3.100
server BBBB-8443 10.10.10.10:8443 ssl
The real server BBBB is over a satellite link, so it is about 700ms
"away" from haproxy.
"tcpdump" shows that haproxy resets the connection after each
request/response; each subsequent request needs to repeat the connection
handshake resulting in a quite slow access to BBBB.
I have setup a set of pages that generates three subsequent 302
redirects and a final page to show the effect.
I use 'curl' from the host where haproxy runs following the redirects.
Connecting directly to the real server, about 6 seconds are needed to
reach the end of the redirects.
time curl -k --interface 1.2.3.100 -L https://<real server IP
10.10.10.10>:8443/
[...]
real 0m5.774s
user 0m0.017s
sys 0m0.004s
Instead, if I reach the same pages over haproxy, the end of the run
comes after about 12 seconds.
time curl -k -L https://<haproxy IP 1.2.3.4>/
[...]
real 0m12.545s
user 0m0.018s
sys 0m0.005s
Is it expected? Which parameters should I look for? Something maybe in
the "defaults" or "global" section?
I did try some keepalive-related parameter, but, since I did not see any
change, I reverted everything to default settings.
Thank you for any help
.marcoc
