Hi
-Original Message-
From: pet...@gmx-ist-cool.de [mailto:pet...@gmx-ist-cool.de]
Sent: 28. toukokuuta 2009 18:12
To: haproxy@formilux.org
Subject: Re: An IE bug and HAproxy?
I run into a similar problem, when using haproxy version greater 1.3.16 in
conjunction with ssl (stunnel). After a post no data was sent back to IE.
Using firefox everything is fine.
I also noticed that the order of the entries on the statistic's page
changed with the new versions.
I have hopefully some additional info. I managed to collect data with
Wireshark on the same computer HAproxy and Stunnel is installed.
Here's the data between the browser (xxx.xxx.xxx.xxx) and Stunnel
(10.1.1.111):
4991,12:00:16.127353,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TCP
,4191 https [ACK] Seq=1 Ack=1 Win=17520 Len=0
4992,12:00:16.129101,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Client Hello, [Unreassembled Packet]
4993,12:00:16.129110,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TCP
,https 4191 [ACK] Seq=1 Ack=103 Win=5840 Len=0
4994,12:00:16.129254,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TLSv
1,Server Hello, [Packet size limited during capture]
4995,12:00:16.144093,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Change Cipher Spec, Encrypted Handshake Message, [Unreassembled Packet]
4996,12:00:16.154336,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Application Data, [Unreassembled Packet]
4997,12:00:16.154344,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TCP
,https 4191 [ACK] Seq=123 Ack=1272 Win=7882 Len=0
5003,12:00:16.159832,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Application Data, [Unreassembled Packet]
5004,12:00:16.165080,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5005,12:00:16.165086,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TCP
,https 4191 [ACK] Seq=123 Ack=4192 Win=13140 Len=0
5006,12:00:16.173575,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5007,12:00:16.178821,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5008,12:00:16.178827,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TCP
,https 4191 [ACK] Seq=123 Ack=7112 Win=18980 Len=0
5009,12:00:16.184443,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5010,12:00:16.189565,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5011,12:00:16.189571,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TCP
,https 4191 [ACK] Seq=123 Ack=10032 Win=24820 Len=0
5012,12:00:16.194812,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5013,12:00:16.200184,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5014,12:00:16.200190,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TCP
,https 4191 [ACK] Seq=123 Ack=12952 Win=30660 Len=0
5015,12:00:16.205556,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Encrypted Alert, [Unreassembled Packet]
5016,12:00:16.208180,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TLSv
1,Ignored Unknown Record, [Packet size limited during capture]
5017,12:00:16.208185,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TCP
,https 4191 [ACK] Seq=123 Ack=15258 Win=33580 Len=0
23637,12:01:17.141752,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TLS
v1,Application Data, [Unreassembled Packet]
23641,12:01:17.141894,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TLS
v1,Application Data, [Unreassembled Packet]
23642,12:01:17.141977,10.1.1.111,https,xxx.xxx.xxx.xxx,4191,TLS
v1,Ignored Unknown Record, [Packet size limited during capture]
23650,12:01:17.162884,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TCP
,4191 https [ACK] Seq=15258 Ack=1898 Win=17520 Len=0
23653,12:01:17.163960,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TCP
,4191 https [ACK] Seq=15258 Ack=2116 Win=17303 Len=0
23654,12:01:17.164606,xxx.xxx.xxx.xxx,4191,10.1.1.111,https,TCP
,4191 https [RST, ACK] Seq=15258 Ack=2116 Win=0 Len=0
and here the data between HAproxy (10.1.1.200) and the web server
(10.1.1.222):
4998,12:00:16.154462,10.1.1.200,53757,10.1.1.222,http,TCP,537
57 http [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=3515036725 TSER=0 WS=0
4999,12:00:16.154586,10.1.1.222,http,10.1.1.200,53757,TCP,htt
p 53757 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1460 TSV=445520735
TSER=3515036725 WS=2
5000,12:00:16.154604,10.1.1.200,53757,10.1.1.222,http,TCP,537
57 http [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSV=3515036725 TSER=445520735
5001,12:00:16.154616,10.1.1.200,53757,10.1.1.222,http,HTTP,PO
ST /amd/p/salespeople/7cc2ph [Packet size limited during capture]
5002,12:00:16.154960,10.1.1.222,http,10.1.1.200,53757,TCP,htt
p 53757 [ACK] Seq=1 Ack=1083 Win=7956 Len=0 TSV=445520736 TSER=3515036725
5018,12:00:16.208350,10.1.1.200,53757,10.1.1.222,http,HTTP,Co
ntinuation or non-HTTP traffic[Packet size limited during capture]
5019,12:00:16.208356,10.1.1.200,53757,10.1.1.222,http,HTTP,Co
ntinuation or non-HTTP