Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    HAProxy, websockets, "timeout tunnel" and the defaults section

    pfSense Packages
    2
    3
    2715
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mitchese last edited by

      Hi Everyone,

      I have a problem where a websocket is timing out after 60s, and the application is then refreshing the page. Without HAProxy everything works fine.

      The client sees "Connection lost, reconnecting" and the server sees

      2017-07-02 21:42:06 DEBUG (MainThread) [components.websocket_api] WS 1786937776: Connection cancelled by server
      2017-07-02 21:42:06 DEBUG (MainThread) [components.websocket_api] WS 1786937776: Closed connection

      A bunch of googling has turned up [1], which basically says the following:

      defaults:
              […]
              timeout tunnel 1h

      I can't find where to add this for a default config for the haproxy configuration. It's not the "Global advanced pass thru/ Custom Options" section (on the Settings main tab). I've also tried in various spots on the backends and frontends (which I am using a shared frontends) which are affected by web sockets with no luck.

      Does anyone have any hits for websockets & haproxy which is successfully working?

      [1] https://www.haproxy.com/blog/websockets-load-balancing-with-haproxy/

      1 Reply Last reply Reply Quote 0
      • M
        mitchese last edited by

        A follow-up, if I manually edit /var/etc/haproxy/haproxy.cfg, insert the 'timeout tunnel 1h', and restart haproxy by hand, everything works. So my solution is correct, I just need to figure out how to insert this into the pfsense GUI so that it is not overwritten any time the service is restarted or the config is changed via the gui.

        1 Reply Last reply Reply Quote 0
        • B
          brettjonesoz last edited by

          Found your post whilst trying to fix a similar problem.

          I managed to get things to work with your hint.

          I simply added the "timeout tunnel 3600s" under the relevant backend -> advanced settings -> backend pass thru

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy