HAProxy keeps using the same server for every request (on same conn)

I’m using roundrobin on a http backend to rotate upstream http proxies.
For some reason, the load is balanced as expected on new connections, but making multiple requests from the same connection uses the same http proxy every time.
I’ve tried both option httpclose and option http-server-close, but this has no effect on anything.

I use curl to execute 3 requests, all of which returns the same ip (meaning all requests went through the same proxy).

curl --proxy “http://haproxy:3128https://ip.oxylabs.io --next --proxy “http://haproxy:3128https://ip.oxylabs.io --next --proxy “http://haproxy:3128https://ip.oxylabs.io

Doing these with separate connections (without --next, but separate curl executions) i see correct loadbalancing and new ip on every request.

Here’s my config

mode http
maxconn 3000
log global
option httplog
option redispatch
option dontlognull
option http-server-close
option forwardfor except
timeout http-request 10s
timeout check 10s
timeout connect 10s
timeout client 1m
timeout queue 1m
timeout server 1m
timeout http-keep-alive 10s
retries 3

frontend main
bind *:3128
default_backend pool

backend pool
mode http
balance roundrobin
timeout queue 30s
timeout server 30s
timeout connect 5s

  server xx.xx.xx.xx:xxxx xx.xx.xx.xx:xxxx verify none
  server yy.yy.yy.yy:yyyy yy.yy.yy.yy:yyyy verify none

Remove http-keep-alive or wait for 10 seconds between requests.

http-keep-alive is for the client connection, not the server connection.

I have submitted an issue on Github.
This issue might only be happening because i’m using haproxy as a forward proxy to loadbalance upstream proxies and all i see in the logs is CONNECTs.

First haproxy is a reverse proxy not a forward proxy. Having that in mind, it means it is a client too to the backend servers.

Sure, but i need the keep alive between my clients and haproxy. I use option http-server-close, which is supposed to allow that, while not keeping connections to backend servers alive.

Regardless, removing http-keep-alive timeout as you suggest has no impact on any of the behaviour i’m experiencing.

A HTTP CONNECT creates a transparent TCP Tunnel from the client to the backend server.

There is no way to load-balance single HTTP transactions within that TCP Tunnel.