Hi Lukas,
Le 19 févr. 2018 23:37, "Lukas Tribus" <lu...@ltri.eu> a écrit : Hello Baptiste, On 19 February 2018 at 18:59, Baptiste <bed...@gmail.com> wrote: > Hi guys, > > While working with consul, I discovered a "false positive" corner case which > triggers a downgrade of the accepted_payload_size. Is this downgrade at good thing in the first place? Doesn't it hide configuration and network issues, make troubleshooting more complex and the haproxy behavior less predictable? It is an rfc recommendation (rfc number is commented somewhere in the source code, but I am on a mobile and can't access it). Its purpose is to hide networking issues when responses has to cross the internet and behavior is not predictable. By default, haproxy announces 512 bytes of accepted payload which can be too low for some use cases. Hence we can also announce acceptance of big payloads and must provide a failover to a safe value if we never ever receive any response. In my case, I received many response for multiple backend and was receiving nx domains and unfortunately triggered the downgrade to lower accepted buffers. When we see a response with the TC flag set, do we drop it or do we still consider the DNS response? Haproxy ignores tc flag for now. Later, it will have to trigger a failover to tcp. Also, do any of those code paths set srv_admin_state to 0x60 (combination between SRV_ADMF_RMAINT and SRV_ADMF_HMAINT state)? I'm thinking about this thread: https://discourse.haproxy.org/t/haproxy-1-8-2-1-8-3-dns- auto-discover-stop-working/2014/12 I don't think so. It's purely DNS layer. I will confirm that once I have access to a computer. Baptiste
