Hello,
I have a setup witg 5 HAProxy v1.8.14-52e4d43, using replicated one
replicated sticky table. This is the relevant config:
peers cluster_hap
peer afrodite 10.0.0.2:7600
peer artemis 10.0.0.3:7600
peer atena 10.0.0.4:7600
peer demeter 10.0.0.5:7600
peer minerva 10.0.0.6:7600
frontend https
bind *:443 tfo ssl crt /etc/haproxy/certs/xxx.pem alpn h2,http/1.1
acl local_ips src 172.17.0.0/16
stick-table type ip size 1000 expire 10s store conn_cur peers
cluster_hap
tcp-request connection track-sc0 src
tcp-request connection accept if local_ips
tcp-request connection reject if { src_conn_cur gt 100 }
tcp-request connection accept
tcp-request inspect-delay 1s
tcp-request content accept if local_ips
tcp-request content accept if { src_conn_cur le 20 }
tcp-request content accept if WAIT_END
This works fine most of the time, but every now and then, when I check the
stick table contents, one or more IPs show up with an absurd number of
cunn_cur - Often around 4 Billion entries - A number very close to
the 32-bit unsigned int data type limit.
[image: image.png]
Feels like a bug, but I am not sure how to report it, or if I am doing
something wrong in my setup, can you please advise?
BR.,
Emerson
