Re: HTTP response sent in TCP FIN packet - Haproxy 1.8.13 on Ubuntu 16.04

2018-08-27 Thread Pieter Thysebaert
Thanks both,

that explains it!

I was confused because we have a production HAproxy system that also has
"mode http" in the defaults but sends an empty FIN ACK in this case.
That is because that HAProxy is SSL-enabled, however, so it makes sense now!

Kind regards,
Pieter

On Mon, Aug 27, 2018 at 5:28 PM Willy Tarreau wrote:

> Hi Aleks, Pieter,
>
> On Mon, Aug 27, 2018 at 04:26:29PM +0200, Aleksandar Lazic wrote:
> > Hi.
> >
> > On 27.08.2018 at 15:03, Pieter Thysebaert wrote:
> (...)
> > > defaults
> > >     log global
> > >     mode    http
> >
> > The default mode is http.
> > When you change to tcp no http error message will be sent.
>
> Sure but that's very likely not the goal here :-) The 400 is returned
> by default if an invalid or incomplete response is sent on the socket.
> If it is desired that an empty connection is not accounted as an error
> for example because you have a monitoring system sending probes to check
> the ports, then it's possible to do it by adding this line to the frontend:
>
>  option http-ignore-probes
>
> However, be careful as it also means that requests truncated due to MTU
> issues caused by VPNs will not be detected. It really depends on the
> environment. I'd say as a rule of thumb, do not use this option unless
> you're annoyed by logs of empty requests or the error response causes
> trouble to a picky client.
>
> Regards,
> Willy
>


Re: HTTP response sent in TCP FIN packet - Haproxy 1.8.13 on Ubuntu 16.04

2018-08-27 Thread Willy Tarreau
Hi Aleks, Pieter,

On Mon, Aug 27, 2018 at 04:26:29PM +0200, Aleksandar Lazic wrote:
> Hi.
> 
> On 27.08.2018 at 15:03, Pieter Thysebaert wrote:
(...)
> > defaults
> >     log global
> >     mode    http
> 
> The default mode is http.
> When you change to tcp no http error message will be sent.

Sure but that's very likely not the goal here :-) The 400 is returned
by default if an invalid or incomplete response is sent on the socket.
If it is desired that an empty connection is not accounted as an error
for example because you have a monitoring system sending probes to check
the ports, then it's possible to do it by adding this line to the frontend:

 option http-ignore-probes

However, be careful as it also means that requests truncated due to MTU
issues caused by VPNs will not be detected. It really depends on the
environment. I'd say as a rule of thumb, do not use this option unless
you're annoyed by logs of empty requests or the error response causes
trouble to a picky client.

Regards,
Willy
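
An added example, not part of the thread or of HAProxy itself: before enabling `option http-ignore-probes`, one way to check who produces the empty-request log entries is to tally `<BADREQ>` lines per client and split known monitoring probes from everything else. The sample lines are constructed and assume HAProxy's HTTP log format (`option httplog`); the frontend name, hostnames and addresses are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in HAProxy's HTTP log format (option httplog).
SAMPLE_LOG = """\
Aug 27 15:03:01 lb1 haproxy[2101]: 192.0.2.10:41022 [27/Aug/2018:15:03:01.120] fe_http fe_http/<NOSRV> -1/-1/-1/-1/0 400 187 - - CR-- 1/1/0/0/0 0/0 "<BADREQ>"
Aug 27 15:03:31 lb1 haproxy[2101]: 192.0.2.10:41030 [27/Aug/2018:15:03:31.118] fe_http fe_http/<NOSRV> -1/-1/-1/-1/0 400 187 - - CR-- 1/1/0/0/0 0/0 "<BADREQ>"
Aug 27 15:04:01 lb1 haproxy[2101]: 192.0.2.10:41044 [27/Aug/2018:15:04:01.121] fe_http fe_http/<NOSRV> -1/-1/-1/-1/0 400 187 - - CR-- 1/1/0/0/0 0/0 "<BADREQ>"
Aug 27 15:04:09 lb1 haproxy[2101]: 198.51.100.7:52311 [27/Aug/2018:15:04:09.402] fe_http fe_http/<NOSRV> -1/-1/-1/-1/35 400 187 - - CR-- 2/2/0/0/0 0/0 "<BADREQ>"
Aug 27 15:04:20 lb1 haproxy[2101]: 203.0.113.5:60100 [27/Aug/2018:15:04:10.000] fe_http fe_http/<NOSRV> -1/-1/-1/-1/10000 408 212 - - cR-- 2/2/0/0/0 0/0 "<BADREQ>"
Aug 27 15:04:22 lb1 haproxy[2101]: 198.51.100.9:40008 [27/Aug/2018:15:04:22.700] fe_http fe_http/<NOSRV> -1/-1/-1/-1/2 400 187 - - PR-- 2/2/0/0/0 0/0 "<BADREQ>"
Aug 27 15:04:25 lb1 haproxy[2101]: 198.51.100.7:52340 [27/Aug/2018:15:04:25.010] fe_http be_app/web1 0/0/1/12/13 200 512 - - ---- 2/2/0/0/0 0/0 "GET /health HTTP/1.1"
"""

# client ip, frontend, status code, termination state, quoted request line
LINE_RE = re.compile(
    r'haproxy\[\d+\]: (?P<ip>[\d.]+):\d+ \[[^\]]+\] (?P<fe>\S+) \S+ \S+ '
    r'(?P<status>\d{3}) \d+ \S+ \S+ (?P<term>\S{4}) .*"(?P<req>[^"]*)"$'
)

def badreq_by_source(log_text, probe_ips):
    """Count aborted/timed-out <BADREQ> entries per client IP.

    Returns (probes, others): Counters for addresses listed in probe_ips
    and for every other client.
    """
    probes, others = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line.strip())
        if not m or m["req"] != "<BADREQ>" or m["status"] not in ("400", "408"):
            continue
        # CR-- = client closed before a full request, cR-- = request timeout.
        # PR-- (request rejected as invalid) means data was received, so skip it.
        if m["term"][:2] not in ("CR", "cR"):
            continue
        (probes if m["ip"] in probe_ips else others)[m["ip"]] += 1
    return probes, others

if __name__ == "__main__":
    probes, others = badreq_by_source(SAMPLE_LOG, probe_ips={"192.0.2.10"})
    print("monitoring probes:", dict(probes))
    print("other clients (review before enabling the option):", dict(others))
```

Entries in the second counter come from clients that are not known probes, which is where the truncated requests Willy mentions would show up.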