Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAProxy truncating requests?

    Scheduled Pinned Locked Moved Cache/Proxy
    1 Posts 1 Posters 582 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      du8die
      last edited by

      I'm using HAProxy on PFSense (new install in March) to reverse proxy (LB) traffic to two back end IIS servers.

      It appears that every once in a while, I have a specific file that is having the last 4 characters truncated. When I hit one of the servers off of the load balancer, the request is always delivered in tact.

      When I check the request with fiddler, the content length of a truncated response and one that is in tact is the same, 574492.

      However, the end of the file is truncated. If I load the page 10 times, the specific script will work 9 of the 10 times.

      My config is below - and I'm pulling out my hair on this one. Does HAProxy do any internal caching? Don't even know where to begin.

      Thanks!

      # Automaticaly generated, dont edit manually.
      # Generated on: 2021-04-15 13:28
      global
      	maxconn			100000
      	stats socket /tmp/haproxy.socket level admin  expose-fd listeners
      	gid			80
      	nbproc			1
      	nbthread			1
      	hard-stop-after		15m
      	chroot				/tmp/haproxy_chroot
      	daemon
      	tune.ssl.default-dh-param	2048
      	server-state-file /tmp/haproxy_server_state
      
      listen HAProxyLocalStats
      	bind 127.0.0.1:2200 name localstats
      	mode http
      	stats enable
      	stats admin if TRUE
      	stats show-legends
      	stats uri /haproxy/haproxy_stats.php?haproxystats=1
      	timeout client 5000
      	timeout connect 5000
      	timeout server 5000
      
      frontend SharedFrontEnd-merged
      	bind			104.x.x.x:443 name 104.x.x.x:443   ssl crt-list /var/etc/haproxy/SharedFrontEnd.crt_list  
      	mode			http
      	log			global
      	option			http-keep-alive
      	option			forwardfor
      	acl https ssl_fc
      	http-request set-header		X-Forwarded-Proto http if !https
      	http-request set-header		X-Forwarded-Proto https if https
      	timeout client		300000
      	acl			app	var(txn.txnhost) -m str -i app.x.com
      	acl			aclcrt_APPFrontEnd	var(txn.txnhost) -m reg -i ^app\.x\.com(:([0-9]){1,5})?$
      	acl			api	var(txn.txnhost) -m str -i api.x.com
      	acl			aclcrt_APIFrontEnd	var(txn.txnhost) -m reg -i ^api\.x\.com(:([0-9]){1,5})?$
      	acl			public	var(txn.txnhost) -m beg -i public.x.com
      	acl			aclcrt_publicFrontend	var(txn.txnhost) -m reg -i ^public\.x\.com(:([0-9]){1,5})?$
      	acl			aclcrt_SharedFrontEnd	var(txn.txnhost) -m reg -i ^public\.x\.com(:([0-9]){1,5})?$
      	acl			process.x.com	var(txn.txnhost) -m str -i process.x.com
      	acl			aclcrt_processFrontend	var(txn.txnhost) -m reg -i ^process\.x\.com(:([0-9]){1,5})?$
      	acl			app	var(txn.txnhost) -m str -i testing.x.com
      	acl			aclcrt_TestingFrontEnd	var(txn.txnhost) -m reg -i ^testing\.x\.com(:([0-9]){1,5})?$
      	http-request set-var(txn.txnhost) hdr(host)
      	use_backend APPBackend_ipv4  if   aclcrt_APPFrontEnd
      	use_backend APPBackend_ipv4  if   aclcrt_APIFrontEnd
      	use_backend APPBackend_ipv4  if   aclcrt_publicFrontend
      	use_backend APPBackend_ipv4  if   aclcrt_SharedFrontEnd
      	use_backend ProcessBackend_ipvANY  if   aclcrt_processFrontend
      	use_backend APPBackend_ipv4  if   aclcrt_TestingFrontEnd
      
      frontend http-to-https
      	bind			104.x.x.x:80 name 104.x.x.x:80   
      	mode			http
      	log			global
      	option			http-keep-alive
      	timeout client		300000
      	http-request redirect scheme https 
      
      frontend AppInternalLB
      	bind			192.x.x.x:443 name 192.x.x.x:443   ssl crt-list /var/etc/haproxy/AppInternalLB.crt_list  
      	mode			http
      	log			global
      	option			http-keep-alive
      	option			forwardfor
      	acl https ssl_fc
      	http-request set-header		X-Forwarded-Proto http if !https
      	http-request set-header		X-Forwarded-Proto https if https
      	timeout client		30000
      	acl			app.x.com	var(txn.txnhost) -m str -i app.x.com
      	acl			aclcrt_AppInternalLB	var(txn.txnhost) -m reg -i ^app\.x\.com(:([0-9]){1,5})?$
      	http-request set-var(txn.txnhost) hdr(host)
      	use_backend APPBackend_ipv4  if   aclcrt_AppInternalLB
      
      backend APPBackend_ipv4
      	mode			http
      	id			10100
      	log			global
      	balance			roundrobin
      	timeout connect		300000
      	timeout server		300000
      	retries			3
      	source ipv4@ usesrc clientip
      	server			APP02 192.x.x.x:80 id 10102 check inter 1000  
      
      backend ProcessBackend_ipvANY
      	mode			http
      	id			103
      	log			global
      	timeout connect		30000
      	timeout server		30000
      	retries			3
      	server			process 192.x.x.x:80 id 104 check inter 1000
      
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.