Sometimes clients (clients are only http 1.1 and use connection: close) are reporting a body length of ~4000 is less than the content length of ~14000. The issue does not appear when using nginx as an LB and I've verified complete responses are being sent from the backends for the requests clients report errors on.
It's not clear why a portion of the clients aren't receiving the entire response. I'm unable to replicate the issue with curl. I have a vanilla config using https, prometheus metrics, and a h1-case-adjust-bogus-client option to adjust a couple headers. Has anyone come across similar issues? I see an option for request buffering but nothing for response buffering. Are there options I can adjust that could be related to this type of issue? ``` $ haproxy -vv HA-Proxy version 2.2.11 2021/03/18 - https://haproxy.org/ Status: long-term supported branch - will stop receiving fixes around Q2 2025. Known bugs: http://www.haproxy.org/bugs/bugs-2.2.11.html Running on: Linux 4.9.0-13-amd64 #1 SMP Debian 4.9.228-1 (2020-07-05) x86_64 Build options : TARGET = linux-glibc CPU = generic CC = gcc CFLAGS = -O2 -g -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference OPTIONS = USE_PCRE2=1 USE_OPENSSL=1 USE_LUA=1 USE_ZLIB=1 USE_SYSTEMD=1 DEBUG = Feature list : +EPOLL -KQUEUE +NETFILTER -PCRE -PCRE_JIT +PCRE2 -PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED +BACKTRACE -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4 -CLOSEFROM +ZLIB -SLZ +CPU_AFFINITY +TFO +NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL +SYSTEMD -OBSOLETE_LINKER +PRCTL +THREAD_DUMP -EVPORTS Default settings : bufsize = 16384, maxrewrite = 1024, maxpollevents = 200 Built with multi-threading support (MAX_THREADS=64, default=48). Built with OpenSSL version : OpenSSL 1.1.0l 10 Sep 2019 Running on OpenSSL version : OpenSSL 1.1.0l 10 Sep 2019 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 Built with Lua version : Lua 5.3.3 Built with network namespace support. Built with zlib version : 1.2.8 Running on zlib version : 1.2.8 Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Built with PCRE2 version : 10.22 2016-07-29 PCRE2 library supports JIT : no (USE_PCRE2_JIT not set) Encrypted password support via crypt(3): yes Built with gcc compiler version 6.3.0 20170516 Built with the Prometheus exporter as a service Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available multiplexer protocols : (protocols marked as <default> cannot be specified using 'proto' keyword) fcgi : mode=HTTP side=BE mux=FCGI <default> : mode=HTTP side=FE|BE mux=H1 h2 : mode=HTTP side=FE|BE mux=H2 <default> : mode=TCP side=FE|BE mux=PASS Available services : prometheus-exporter Available filters : [SPOE] spoe [COMP] compression [TRACE] trace [CACHE] cache [FCGI] fcgi-app $ cat haproxy.cfg global log /dev/log local0 notice chroot /var/lib/haproxy stats timeout 30s user haproxy daemon maxconn 1024000 nbproc 1 nbthread 30 ssl-default-bind-options ssl-min-ver TLSv1.0 no-tls-tickets h1-case-adjust content-length Content-Length h1-case-adjust date Date defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 option h1-case-adjust-bogus-client frontend https bind *:443 ssl crt /cert.pem acl PATH path /path http-request deny deny_status 404 unless PATH default_backend servers backend servers balance roundrobin option forwardfor if-none option httpchk GET /metrics server one 192.168.1.10:8080 check server two 192.168.1.11:8080 check frontend stats bind 192.168.1.1:9001 http-request use-service prometheus-exporter if { path /metrics } stats enable stats uri / stats realm Haproxy\ Statistics ```