HAProxy truncating requests?
-
I'm using HAProxy on PFSense (new install in March) to reverse proxy (LB) traffic to two back end IIS servers.
It appears that every once in a while, I have a specific file that is having the last 4 characters truncated. When I hit one of the servers off of the load balancer, the request is always delivered in tact.
When I check the request with fiddler, the content length of a truncated response and one that is in tact is the same, 574492.
However, the end of the file is truncated. If I load the page 10 times, the specific script will work 9 of the 10 times.
My config is below - and I'm pulling out my hair on this one. Does HAProxy do any internal caching? Don't even know where to begin.
Thanks!
# Automaticaly generated, dont edit manually. # Generated on: 2021-04-15 13:28 global maxconn 100000 stats socket /tmp/haproxy.socket level admin expose-fd listeners gid 80 nbproc 1 nbthread 1 hard-stop-after 15m chroot /tmp/haproxy_chroot daemon tune.ssl.default-dh-param 2048 server-state-file /tmp/haproxy_server_state listen HAProxyLocalStats bind 127.0.0.1:2200 name localstats mode http stats enable stats admin if TRUE stats show-legends stats uri /haproxy/haproxy_stats.php?haproxystats=1 timeout client 5000 timeout connect 5000 timeout server 5000 frontend SharedFrontEnd-merged bind 104.x.x.x:443 name 104.x.x.x:443 ssl crt-list /var/etc/haproxy/SharedFrontEnd.crt_list mode http log global option http-keep-alive option forwardfor acl https ssl_fc http-request set-header X-Forwarded-Proto http if !https http-request set-header X-Forwarded-Proto https if https timeout client 300000 acl app var(txn.txnhost) -m str -i app.x.com acl aclcrt_APPFrontEnd var(txn.txnhost) -m reg -i ^app\.x\.com(:([0-9]){1,5})?$ acl api var(txn.txnhost) -m str -i api.x.com acl aclcrt_APIFrontEnd var(txn.txnhost) -m reg -i ^api\.x\.com(:([0-9]){1,5})?$ acl public var(txn.txnhost) -m beg -i public.x.com acl aclcrt_publicFrontend var(txn.txnhost) -m reg -i ^public\.x\.com(:([0-9]){1,5})?$ acl aclcrt_SharedFrontEnd var(txn.txnhost) -m reg -i ^public\.x\.com(:([0-9]){1,5})?$ acl process.x.com var(txn.txnhost) -m str -i process.x.com acl aclcrt_processFrontend var(txn.txnhost) -m reg -i ^process\.x\.com(:([0-9]){1,5})?$ acl app var(txn.txnhost) -m str -i testing.x.com acl aclcrt_TestingFrontEnd var(txn.txnhost) -m reg -i ^testing\.x\.com(:([0-9]){1,5})?$ http-request set-var(txn.txnhost) hdr(host) use_backend APPBackend_ipv4 if aclcrt_APPFrontEnd use_backend APPBackend_ipv4 if aclcrt_APIFrontEnd use_backend APPBackend_ipv4 if aclcrt_publicFrontend use_backend APPBackend_ipv4 if aclcrt_SharedFrontEnd use_backend ProcessBackend_ipvANY if aclcrt_processFrontend use_backend APPBackend_ipv4 if aclcrt_TestingFrontEnd frontend http-to-https bind 104.x.x.x:80 name 104.x.x.x:80 mode http log global option http-keep-alive timeout client 300000 http-request redirect scheme https frontend AppInternalLB bind 192.x.x.x:443 name 192.x.x.x:443 ssl crt-list /var/etc/haproxy/AppInternalLB.crt_list mode http log global option http-keep-alive option forwardfor acl https ssl_fc http-request set-header X-Forwarded-Proto http if !https http-request set-header X-Forwarded-Proto https if https timeout client 30000 acl app.x.com var(txn.txnhost) -m str -i app.x.com acl aclcrt_AppInternalLB var(txn.txnhost) -m reg -i ^app\.x\.com(:([0-9]){1,5})?$ http-request set-var(txn.txnhost) hdr(host) use_backend APPBackend_ipv4 if aclcrt_AppInternalLB backend APPBackend_ipv4 mode http id 10100 log global balance roundrobin timeout connect 300000 timeout server 300000 retries 3 source ipv4@ usesrc clientip server APP02 192.x.x.x:80 id 10102 check inter 1000 backend ProcessBackend_ipvANY mode http id 103 log global timeout connect 30000 timeout server 30000 retries 3 server process 192.x.x.x:80 id 104 check inter 1000
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.