Haproxy Hangs on HTTPS File Transfers
So I have pfsense set up with haproxy running as an HTTPS-enabled reverse proxy for other services inside my network.
I moved my pfsense box off my edge a while back, so I have port 443 forwarded from my router to the pfsense box. This setup works great for hitting a variety of HTTP endpoints on various hosts inside my network.
One such endpoint is my Synology NAS. Accessing the web interface for the NAS over the reverse proxy works great, however, whenever I try to download a file via the web interface over HTTPS relayed via the pfsense + haproxy reverse proxy, the file transfer makes it a little over 1MB before it hangs and time out, and the haproxy instance becomes completely unresponsive to any connections originating from the forwarded port via the router.
I can still access the haproxy instance from other machines locally, but any external attempts simply timeout.
Restarting the haproxy service is not sufficient to restore functionality either. I have to reboot the entire pfsense box to restore functionality again, which leads me to believe it is not necessarily haproxy that is having the issue, but something in pfsense itself.
To rule out an issue with the Synology box or the web interface, I tunneled the web interface port directly, bypassing my reverse proxy, and file transfers work perfectly fine, also over HTTPS.
Any ideas how to troubleshoot this?
Let me know what details would help.
Have you tried without proxy?
Take a look at this post, can you add the same as me and try again?
Piba recommended this and it resolved all of my issues…
Yes, when I bypass the proxy and connect directly, it works just fine.
To clarify, setting the option 'nokqueue' in haproxy config resolved the issue for you?
Did you add this to the 'Custom options' section?
I'll give this a try and report back
Its global passtrough settings…