Hi and thanks for a great load balancer. We're developing a much more complex proxy ruleset and being able to switch back to haproxy now that it supports DNS resolution was a huge relief!
Unfortunately DNS resolution is not doing what I expect given the configuration. When the downstream ELB to which the server points to switches IP addresses the backend is failing with a L4 timeout on the check. DNS queries are being made, see: https://gist.github.com/btisdall/31b57b57fee19dc79637 This is the output of "show stat resolvers": Resolvers section aws nameserver aws_0: sent: 2892976 valid: 2887729 update: 0 cname: 0 cname_error: 0 any_err: 0 nx: 0 timeout: 0 refused: 0 other: 0 invalid: 2887729 too_big: 0 truncated: 0 outdated: 0 Note that "valid" and "invalid" counts increase in exact step. Switching to "resolve-prefer ipv4" had no effect on this. Config ===== resolvers aws nameserver aws_0 10.111.0.2:53 # ... server myserver some-server.example.com:80 check resolvers aws Build Options ========== HA-Proxy version 1.6.1 2015/10/20 Copyright 2000-2015 Willy Tarreau <wi...@haproxy.org> Build options : TARGET = linux2628 CPU = generic CC = gcc CFLAGS = -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.8 Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with OpenSSL version : OpenSSL 1.0.1f 6 Jan 2014 Running on OpenSSL version : OpenSSL 1.0.1f 6 Jan 2014 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes Built with PCRE version : 8.31 2012-07-06 PCRE library supports JIT : no (USE_PCRE_JIT not set) Built with Lua version : Lua 5.3.1 Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Regards, -- Ben
