On 3/10/25 15:39, Lukas Tribus wrote: >> In this case for me it does not actually abort and haproxy goes into a >> busy loop over this bind(). > > To reproduce this busy loop with a 5 line config: > > lukas@dev:~/haproxy$ cat ../cert/dns-source-bind-short.cfg > resolvers default > nameserver ns1 tcp4@8.8.8.8:53 source 192.168.99.99 > listen listen > mode http > bind :8080 > server s1 www.google.com resolvers default init-addr none > > lukas@dev:~/haproxy$ ./haproxy -f ../cert/dns-source-bind-short.cfg ^C > [ALERT] (5227) : Cannot bind to source address before connect() for > backend default. Aborting. > [ALERT] (5227) : Cannot bind to source address before connect() for > backend default. Aborting. > [ALERT] (5227) : Cannot bind to source address before connect() for > backend default. Aborting. > [ALERT] (5227) : Cannot bind to source address before connect() for > backend default. Aborting. > [ALERT] (5227) : Cannot bind to source address before connect() for > backend default. Aborting. > [ALERT] (5227) : Cannot bind to source address before connect() for > backend default. Aborting. > ^C > > > Lukas
Nice catch Lukas, can also reproduce without "source". Looks like similar issue to what we recently fixed for tcp rings (https://github.com/haproxy/haproxy/commit/9561b9fb6964af325a10e7128b563114f144a3cb). resolver's code is probably trying to establish the connection attempt over and over without any tempo between 2 attempts. Aurelien
