HAProxy community

Balance IP OK, balance dns name KO

Good morning, I installed HAProxy to balance 2 web servers, and I created 2 text files within these web servers to understand when one or another server is used, then from my PC if I go to the address “https://firsttest.domain.com/number_server.txt” every refresh balance towards a different web server, ALL OK, even the DNS configuration.

The problem is that if instead I point to “https://firsttest.dominio.com”, then to the homepage of the site, instead I get:

firsttest.domain.com has redirected you too many times.
Try to clear the cookie.
ERR_TOO_MANY_REDIRECTS

With the IP Address instead it working.

What could be the problem?

Thanks.

Hi, @papali,

Seems like your HAProxy and webservers have the same domain name, firsttest.domain.com, possibly, with both DNS and resolv.conf.

To check it: please post your haproxy.conf and results of DNS lookups of {{firsttest.domain.com}} and DNS name that your HAProxy is pointed to (the one for webservers).

Thanks 1000 for your help!

DNS Server : tst-c801.domain.com 192.168.111.82
HAProxy : tst-haproxy.domain.com 192.168.111.85
Web Server1 : tst-web05.domain.com 192.168.111.41
Web Server2 : tst-web06.domain.com 192.168.111.42
url to balance : firsttest.domain.com

This is the haproxy.conf

#---------------------------------------------------------------------
#Example configuration for a possible web application. See the
#full configuration options online.

#https://www.haproxy.org/download/1.8/doc/configuration.txt

#---------------------------------------------------------------------

#---------------------------------------------------------------------
#Global settings
#---------------------------------------------------------------------
global
#to have these messages end up in /var/log/haproxy.log you will
#need to:
#
#1) configure syslog to accept network log events. This is done
#by adding the ‘-r’ option to the SYSLOGD_OPTIONS in
#/etc/sysconfig/syslog
#
#2) configure local2 events to go to the /var/log/haproxy.log
#file. A line like the following can be added to
#/etc/sysconfig/syslog
#
#local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2

chroot      /var/lib/haproxy
pidfile     /var/run/haproxy.pid
maxconn     4000
user        haproxy
group       haproxy
daemon

#turn on stats unix socket
stats socket /var/lib/haproxy/stats

#utilize system-wide crypto-policies
ssl-default-bind-ciphers PROFILE=SYSTEM
ssl-default-server-ciphers PROFILE=SYSTEM

tune.ssl.default-dh-param 2048

#---------------------------------------------------------------------
#common defaults that all the ‘listen’ and ‘backend’ sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
option forwardfor
option http-server-close
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000

#---------------------------------------------------------------------
#main frontend which proxys to the backends
#---------------------------------------------------------------------
#frontend main
#bind *:5000
#acl url_static path_beg -i /static /images /javascript /stylesheets
#acl url_static path_end -i .jpg .gif .png .css .js

#use_backend static if url_static
#default_backend app

frontend stats
bind *:1234
stats enable
stats uri /stats
stats refresh 10s
stats realm Haproxy\ Statistics
stats auth root:password

#---------------------------------------------------------------------
#static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:4331 check

#---------------------------------------------------------------------
#round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 127.0.0.1:5001 check
server app2 127.0.0.1:5002 check
server app3 127.0.0.1:5003 check
server app4 127.0.0.1:5004 check

#option httpchk HEAD / HTTP/1.1\r\nHost:\ localhost
#Check the server application is up and healty - 200 status code
#server nginx1.example.com 172.16.19.37:80 check # NGINX Server1
#server nginx2.example.com 172.16.19.38:80 check # NGNIX Server2

frontend www-http
bind 192.168.111.85:80
reqadd X-Forwarded-Proto:\ http
default_backend www-backend

frontend www-https
bind 192.168.111.85:443 ssl crt /certs/certificate.pem
reqadd X-Forwarded-Proto:\ https
default_backend www-backend

backend www-backend
redirect scheme https if !{ ssl_fc }
server tst-web05 192.168.111.41:80 check
server tst-web06 192.168.111.42:80 check


This is the nslookup result for firsttest.domain.com from my haproxy server:

[root@tst-haproxy ~]# nslookup firsttest.domain.com
Server: 192.168.111.82
Address: 192.168.111.82#53

Name: firsttest.domain.com
Address: 192.168.111.85


This is the nslookup for tst-web05 from haproxy server:

nslookup tst-web05.altea.net
Server: 192.168.111.82
Address: 192.168.111.82#53

Name: tst-web05.altea.net
Address: 192.168.111.41


I get the same results if i do the nslookup from tst-web05

Thanks in advance!!!

some idea?