Haproxy fighting internally which server to use

Installed on two Ubuntu servers Jitsi and Jellyfin, both working fine if in Haproxy is only one server defined.
Two servers, with roundrobin or leastconnection are interrupting each other to send the data, result in jitsi is that a disconnect is initiated direct after connect. Wit jellyfin I see that connection can take ages before see the movies and music maps.
I tested each connection separated with use of Haproxy to make the secure connection, all is working flawless.
The Haproxy config file is added after editing domain names and IP addresses.
This is the config working for now.
Please let me know what is wrong and why with both servers above behavior appear.

log /dev/log local0
log /dev/log local1 debug
ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
ssl-default-bind-options no-sslv3

log global
mode http
option httplog
option dontlognull
option http-server-close
option httpchk
option forwardfor
timeout connect 5000
timeout check 5000
timeout client 30000
timeout server 90000

listen stats
bind public.ip.11:1936
mode http
stats enable
stats hide-version
stats realm Haproxy\ Statistics
stats uri / mode http
stats hide-version
stats refresh 30s
stats show-node
#The user/pass you want to use. Change this password!
stats auth name:passwd
#Authentication realm. This can be set to anything. Escape space characters with a backslas
stats admin if TRUE

#default_backend www-backend

frontend www
bind *:81
# Redirect HTTP to HTTPS (works with ‘mode http’ only)
http-request redirect scheme https code 301 unless { ssl_fc }
bind *:443 ssl crt /etc/haproxy/ssl/domain.nl.pem
#bind *:443 ssl crt /etc/haproxy/ssl/domain.nl.pem crt /etc/haproxy/ssl/www.example2.com.pem crt /etc/haproxy/ssl/www.example3.com.pem

#ADDED 21-08-2018 FOR SSL RENEW - TO TEST<–>
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend letsencrypt-backend if letsencrypt-acl

acl www_films_domain_nl hdr(host) -i www.films.domain.nl
acl films.domain.nl hdr(host) -i films.domain.nl
acl www_jitsi_domain_nl hdr(host) -i www.jitsi.domain.nl
acl jitsi.domain.nl hdr(host) -i jitsi.domain.nl
#acl host_example2_com hdr(host) -i example2.com
#acl host_example3_com hdr(host) -i example3.com

use_backend web11 if { hdr(host) -i www_films_domain_nl }
use_backend web11 if { hdr(host) -i films.domain.nl }
use_backend web12 if { hdr(host) -i www_jitsi_domain_nl }
use_backend web12 if { hdr(host) -i jitsi.domain.nl }
#use_backend web11 if host_example2_com
#use_backend web12 if host_example3_com

#default_backend www-backend

backend web11
balance roundrobin
http-check send meth GET uri /health
http-check expect string Healthy
# server www-1 public.ip.13:8096 check
server www-2 public.ip.14:8096 check

backend web12
balance roundrobin
http-check send meth GET uri /health
http-check expect string Healthy
server www-1 public.ip.13:80
# server www-2 public.ip.14:80

#backend www-backend
# server nginx www.domain.nl:80 check

backend letsencrypt-backend
server letsencrypt

Roundrobin means exactly that: one request goes to one server, the other request goes to another server.

Whether this works for your application is something that you need to check. I’m assuming Jitsi and Jellyfin are likely not configured with shared session state among the servers.

It’s also a bad idea for cache locality.

I suggest you switch to a load balancing algorithm different than round robin. Maybe source :


Thank you lukastribus,

Roundrobin and leastconnection is not working, I tested with “balance first” with a good result, but only one server always get used if I don’t use a “hash-type”
I found this article:

In there is told what a hash-type could do, I understand but my knowledge is not enough to define a hash-type and how to implement in Haproxy.conf file

What are the needed steps to implement the hash-type and, according to that article, calculate indexes.

reading more articles I decided to make the source leading, testing went fine and this is what I entered in the Haproxy.conf.

balance source
hash-type consistent

balance source is what I suggested indeed.

Make sure you understand the root cause properly though.

I will see the practice, the stats from Haproxy are enabled and hope to see the balance in resources2
Thanks for the hint