Hi Tim,
what you propose is difficult to test, since the HA proxy can only deliver
the SSL ports (it routes based upon SNI, so SSL is mandatory for the
routing). It won't work with plain tcp ports.
However, if I still use SSL but directly define mapped ports for both
brokers in the network
I think you may be right: because of the SSL termination, your load
balancer may be appearing to be alive even when the broker it's fronting is
dead, and so the failover logic won't work. Does the failover work
correctly if you switch to regular TCP for the transport? That would prove
or disprove