Recently started noticing a lot of SSL handshake failures in the log files. Upon further investigation, >90% of the IPs are Apple iCloud Private Relay: https://www.apple.com/privacy/docs/iCloud_Private_Relay_Overview_Dec2021.PDF
The same IPs will eventually make a successful connection and GET request. The question is: is this how it has to be? Just how their proxy behaves? Or is there a configuration that can be applied to prevent all the errors?
We have multiple load balancers running, same domain but a few different IPs.
Don’t expect this many connection errors. Getting hundreds per second.
Install the latest HAProxy.
Enable error logging on the HTTPS frontend.
Check the log files; many SSL handshake failures will start with the IP 104.28…
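
To put numbers on the pattern described in this post (handshake failures from an address that later completes a request), the log can be correlated per source IP. The following is an added example, not part of the original post and not HAProxy code; it assumes HAProxy's default handshake-error and `option httplog` line shapes, and the frontend/backend names, addresses and 30-second window are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines; the addresses are documentation-range
# placeholders, not real relay egress IPs.
SAMPLE_LOG = """\
192.0.2.10:51000 [10/Feb/2022:10:00:00.100] https-in/1: SSL handshake failure
192.0.2.10:51002 [10/Feb/2022:10:00:00.900] https-in/1: SSL handshake failure
192.0.2.10:51004 [10/Feb/2022:10:00:02.000] https-in~ app/web1 0/0/1/2/3 200 512 - - ---- 5/5/0/0/0 0/0 "GET / HTTP/1.1"
198.51.100.7:40000 [10/Feb/2022:10:00:01.000] https-in/1: SSL handshake failure
198.51.100.7:40001 [10/Feb/2022:10:00:05.000] https-in/1: SSL handshake failure
203.0.113.5:33000 [10/Feb/2022:10:00:03.000] https-in~ app/web1 0/0/1/2/3 200 512 - - ---- 5/5/0/0/0 0/0 "GET / HTTP/1.1"
"""

# client_ip:port [accept_date] remainder (works for IPv4 and IPv6 sources)
LINE = re.compile(r'(?P<ip>[0-9a-fA-F.:]+):\d+ \[(?P<ts>[^\]]+)\] (?P<rest>.*)')

def triage(log_text, window=timedelta(seconds=30)):
    """Per source IP: count handshake failures and how many of them were
    followed by a completed HTTP request from the same IP within `window`."""
    failures, successes = defaultdict(list), defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        ts = datetime.strptime(m.group('ts'), '%d/%b/%Y:%H:%M:%S.%f')
        if 'SSL handshake failure' in m.group('rest'):
            failures[m.group('ip')].append(ts)
        elif '"' in m.group('rest'):  # httplog lines end with the quoted request
            successes[m.group('ip')].append(ts)
    report = {}
    for ip, fails in failures.items():
        recovered = sum(
            any(f <= s <= f + window for s in successes[ip]) for f in fails
        )
        report[ip] = {'failures': len(fails), 'followed_by_request': recovered}
    return report

if __name__ == '__main__':
    for ip, stats in triage(SAMPLE_LOG).items():
        print(ip, stats)
```

Sources whose failures are never followed by a request are the ones worth a closer look; those that recover within the window match the retry-then-succeed behaviour reported above.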