On Tue, Jun 14, 2011 at 12:28:55AM +0530, Sachin Shetty wrote: > Hey Bryan, > > I did check Cherrypy response by directly posting the same request via curl > and it looks ok to me. > > A few interesting things are: > 1. haproxy logs the response as 401 correctly - its apache which is calling > haproxy marks it 502 > 2. It's a post request > 3. Even via haproxy, it works when posting smaller files, but get the bad > proxy error when posting a bigger file like 1.5MB+ file
I don't like this, it smells like the issue we have with Linux dropping all socket contents after a close() if the client sends more data. What version of haproxy are you running ? A workaround for this issue was added into 1.4.9. It made haproxy read ad much as it could from the connection before closing. Ideally, a network trace of what is received and sent by haproxy when the issue happens would be of great help to try to improve the behaviour without turning it into an easy DoS vulnerability. Willy