Hey Willy, We have 1.4.11 - so how do we use the workaround - This is already in prod and I need to work around it before we can get to the root cause.
./haproxy -version HA-Proxy version 1.4.11 2011/02/10 Copyright 2000-2010 Willy Tarreau <w...@1wt.eu> Thanks Sachin -----Original Message----- From: Willy Tarreau [mailto:w...@1wt.eu] Sent: Tuesday, June 14, 2011 11:03 AM To: Sachin Shetty Cc: 'Cassidy, Bryan'; haproxy@formilux.org Subject: Re: Apache translates 500 to 502 from haproxy On Tue, Jun 14, 2011 at 12:28:55AM +0530, Sachin Shetty wrote: > Hey Bryan, > > I did check Cherrypy response by directly posting the same request via curl > and it looks ok to me. > > A few interesting things are: > 1. haproxy logs the response as 401 correctly - its apache which is calling > haproxy marks it 502 > 2. It's a post request > 3. Even via haproxy, it works when posting smaller files, but get the bad > proxy error when posting a bigger file like 1.5MB+ file I don't like this, it smells like the issue we have with Linux dropping all socket contents after a close() if the client sends more data. What version of haproxy are you running ? A workaround for this issue was added into 1.4.9. It made haproxy read ad much as it could from the connection before closing. Ideally, a network trace of what is received and sent by haproxy when the issue happens would be of great help to try to improve the behaviour without turning it into an easy DoS vulnerability. Willy
