Issue was not related to HAProxy.
apache error logs:
[Fri Sep 28 14:45:08 2012] [notice] child pid 24745 exit signal
Segmentation fault (11)
That must be mod_rpaf.
2012/9/28 Baptiste
> or any module manipulating the IP address :)
>
> Could you reply this on the ML please, so everybody will be aware that
> the issue is not related to HAProxy
>
> cheers
>
>
>
> On Fri, Sep 28, 2012 at 3:15 PM, bjun...@gmail.com
> wrote:
> > Hi,
> >
> > thanks Baptiste, you were right.
> >
> >
> > apache error logs:
> >
> > [Fri Sep 28 14:45:08 2012] [notice] child pid 24745 exit signal
> Segmentation
> > fault (11)
> >
> >
> > That must be mod_rpaf.
> >
> >
> > Bjoern
> >
> >
> >
> >
> > 2012/9/28 Baptiste
> >>
> >> HAProxy logged a SH termination code.
> >> From the documentation:
> >> SH The server aborted before sending its full HTTP response
> >> headers, or
> >> it crashed while processing the request. Since a server
> aborting
> >> at
> >> this moment is very rare, it would be wise to inspect its logs
> >> to
> >> control whether it crashed and why. The logged request may
> >> indicate a
> >> small set of faulty requests, demonstrating bugs in the
> >> application.
> >> Sometimes this might also be caused by an IDS killing the
> >> connection
> >> between haproxy and the server.
> >>
> >>
> >> I'm pretty sure your rpaf mode does not understand IPv6 and simply
> crashes
> >> :)
> >>
> >> cheers
> >>
> >>
> >>
> >> On Fri, Sep 28, 2012 at 2:48 PM, bjun...@gmail.com
> >> wrote:
> >> > Hi,
> >> >
> >> > thanks for quick reply.
> >> >
> >> >
> >> > Backend is Apache 2.2.14
> >> >
> >> >
> >> > log entry:
> >> >
> >> >
> >> > Sep 28 14:45:08 localhost haproxy[3432]:
> >> > 2001:XXX:XXX:X::XX:XXX:6977:41559 [28/Sep/2012:14:45:08.023]
> >> > http_in_v6
> >> > apache/node09 0/0/0/-1/25 502 204 - - SH-- 0/0/0/0/0 0/0 "GET /
> >> > HTTP/1.1"
> >> >
> >> >
> >> >
> >> > -
> >> > Bjoern
> >> >
> >> >
> >> >
> >> >
> >> > 2012/9/28 Baptiste
> >> >>
> >> >> Hi,
> >> >>
> >> >> Are you sure your backend server is able to process IPv6 address in
> >> >> headers?
> >> >> Could you provide HAProxy logs showing the 502?
> >> >>
> >> >> Regards
> >> >>
> >> >>
> >> >> On Fri, Sep 28, 2012 at 1:07 PM, bjun...@gmail.com <
> bjun...@gmail.com>
> >> >> wrote:
> >> >> > Hi folks,
> >> >> >
> >> >> > at the moment I'm testing IPv6 with HAProxy
> >> >> > ("IPv6-to-IPv4-Translation").
> >> >> >
> >> >> > Unfortunately IPv6-to-IPv4 HTTP-Connection doesn't work if you have
> >> >> > "option
> >> >> > forwardfor" in your IPv6-Frontend.
> >> >> > (produces 502 errors on every connection).
> >> >> >
> >> >> >
> >> >> > If I remove "option forwardfor" from the IPv6-Frontend
> ("http_in_v6")
> >> >> > it
> >> >> > is
> >> >> > working as expected.
> >> >> >
> >> >> >
> >> >> > Unfortunately our application behind HAProxy uses X-Forward-For -
> >> >> > header
> >> >> > for
> >> >> > different functions and also HTTP-Request-Logging is affected
> (Apache
> >> >> > Access-Log + mod_rpaf, only HAProxy-IP is now logged on
> IPv6-Requests
> >> >> > instead of the real client ip).
> >> >> >
> >> >> >
> >> >> > Ubuntu 12.04 amd64, haproxy 1.4.22
> >> >> >
> >> >> >
> >> >> > haproxy.cfg :
> >> >> >
> >> >> >
> >> >> > global
> >> >> > log 127.0.0.1 local0
> >> >> > log 127.0.0.1 local1 notice
> >> >> > maxconn 2
> >> >> > ulimit-n 65536
> >> >> > user haproxy
> >> >> > group haproxy
> >> >> > daemon
> >> >> > stats socket /var/run/haproxy.sock mode 0600 level admin
> >> >> >
> >> >> >
> >> >> > defaults
> >> >> > log global
> >> >> > modehttp
> >> >> > option httplog
> >> >> > option dontlognull
> >> >> > retries 3
> >> >> > option redispatch
> >> >> > maxconn 19500
> >> >> > timeout connect 10s
> >> >> > timeout client 60s
> >> >> > timeout server 60s
> >> >> > timeout queue 60s
> >> >> >
> >> >> >
> >> >> > frontend http_in_v6
> >> >> > bind 2001:XXX:XXX:37::9:80
> >> >> >
> >> >> > reqidel ^X-Forwarded-For:.*
> >> >> > option forwardfor
> >> >> >
> >> >> > option http-server-close
> >> >> >
> >> >> > default_backend apache
> >> >> >
> >> >> >
> >> >> >
> >> >> > frontend http_in
> >> >> > bind 81.x.x.x:80
> >> >> >
> >> >> > reqidel ^X-Forwarded-For:.*
> >> >> > option forwardfor
> >> >> >
> >> >> > option http-server-close
> >> >> >
> >> >> > default_backend apache
> >> >> >
> >> >> >
> >> >> >
> >> >> > backend apache
> >> >> > balance roundrobin
> >> >> >
> >> >> > appsession PHPSESSID len 64 timeout 3h request-learn prefix
> >> >> >
> >> >> > option httpchk GET /health.php HTTP/1.0\r\nUser-Agent:\ HAProxy
> >> >> > http-check expect status 200
> >> >> >
> >> >> > server apache09 192.168.3.109:80 check inter 1 rise 2
> fal