• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

HAProxy internal DNS resolution issue on backend servers

Scheduled Pinned Locked Moved Cache/Proxy
3 Posts 2 Posters 3.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    JeFizz
    last edited by JeFizz Dec 6, 2018, 5:07 PM Dec 6, 2018, 4:36 PM

    Greetings and Salutations,

    I'm a bit baffled as to why this is not working for me. For some reason HAProxy is unable to resolve DNS hosts using the internal DNS server. OK, a little tangent here... before I go on, would using an internal only domain of blahblahblah.lo be an issue? Just thinking out loud mid sentence, sorry. All of it works great if I use the IP addresses of the backend server, so that's why I am not going to go into extreme detail unless necessary about what is actually configured for the frontend and backend stuff. It must have something to do with DNS resolution on the local network (LAN) interface and how HAProxy resolved things.

    My local DNS server is defined in HAProxy \ Settings \ Global DNS resolvers, which I would assume should do the trick. pfSense DNS servers are pointing to external DNS resolvers, my local DNS server is not listed. (local DNS server forwards to pfSense) I also tried the setting in pfSense under System \ General Setup \ Disable DNS Forwarder, but that also didn't resolve the resolution issues for the backend servers.

    Versions and things:

    2.4.5-DEVELOPMENT (amd64)
    built on Sun Nov 11 18:59:27 EST 2018
    FreeBSD 11.2-RELEASE-p4

    haproxy 0.59_14

    My HAProxy setup contains the following:

    Frontends:

    • Listen: WAN (IPv4 and IPv6) http (80)

      • http redirect to https (443)

    • Listen: WAN https (443)

      • SSL Offload
      • host header match yada.blahblahblah.com
        • use backend yada.blahblahblah.lo
      • host header match mmhmm.blahblahblah.com
        • use backend mmhmm.blahblahblah.lo
      • so on and so forth

    Backends:

    • Server address+port yada.blahblahblah.lo 80
    • Server address+port mmhmm.blahblahblah.lo 80
    • etc.

    Error(s):

    Errors found while starting haproxy
[ALERT] 339/105432 (78471) : parsing [/var/etc/haproxy_test/haproxy.cfg:86] : 'yada.blahblahblah.lo' : could not resolve address 'yada.blahblahblah.lo'.

    Like I said before, using the IP addresses for these backend servers works great. Using the internal DNS host name does not.

    Help!

    P 1 Reply Last reply Dec 6, 2018, 6:35 PM Reply Quote 0
    • P
      PiBa @JeFizz
      last edited by Dec 6, 2018, 6:35 PM

      @jefizz
      Try adding on HAProxy \ Settings \ Global Advanced pass thru:

      defaults
  default-server init-addr last,libc,none

      Or perhaps:

      defaults
  default-server init-addr last,none

      That should 'fix' the error. The issue happens as the dns-resolvers configured in HAProxy itself aren't used at its startup.. It might still cause a little hiccup when HAProxy is starting and servers still need to be resolved. But should fix itself after the first health-check.

      1 Reply Last reply Reply Quote 1
      • J
        JeFizz
        last edited by Dec 6, 2018, 8:43 PM

        @PiBa Once I made that setting change and turned the HTTP monitoring back on it started working.

        Thanks!!

        1 Reply Last reply Reply Quote 0
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received