Hello, I'm currently running haproxy 2.4.0 and I can see something strange in the way haproxy selects a backend for processing some requests.
This is simplified frontend configuration that should select between static and dynamic (websocket) content URIs based on path_beg. frontend wwws bind 0.0.0.0:443 ssl crt /etc/haproxy/ssl/server.pem alpn h2,http/1.1 mode http acl is_static_prod31 path_beg /p31/ acl is_dynamic_prod31 path_beg /n/p31/ acl is_domain_name hdr(host) -i domain.name use_backend ws_be_prod31 if is_dynamic_prod31 is_domain_name use_backend www_be_prod if is_static_prod31 is_domain_name default_backend www_be_prod What I can see in logs is that some requests are correctly processed and redirected to dynamic backends (websockets servers) for processing : Jun 7 15:44:41 host haproxy[9384]: 1.2.3.4:56952 [07/Jun/2021:15:43:31.926] wwws~ ws_be_prod31/s1 5/0/1/3/70015 101 421 - - --VN 34/34/27/8/0 0/0 "GET https://domain.name/n/p31/socket.io/... HTTP/2.0" While others are wrongly processed by the static web server : Jun 7 15:50:06 host haproxy[9384]: 1.2.3.4:61037 [07/Jun/2021:15:50:06.157] wwws~ www_be_prod/web1 6/0/1/1/7 404 9318 - - ---- 34/34/0/0/0 0/0 "GET https://domain.name:443/n/p31/socket.io/... HTTP/2.0" However the only difference is the 443 port explicitly specified in the later request. I am not sure it's something specific to 2.4.0, but I've never seen it before. Is it an expected behaviour ? If so, how can I change my acls to correct it ? -- Best regards, Artur
