I’m using “tcp-request connection reject if site_dead” to reject all tcp connection requests when backend has no available server.
But I found that when a client wants to establish a connection to a server (reject event is triggered,so backend is all down) behind HAProxy (technically,it’s client sending SYN package to HAProxy),the client receives SYN,ACK first,then receives the RST after client send ACK.
So I wonder if there is anyway to make HAProxy reject the connection request as soon as it receives SYN? (instead of establish tcp connection first then send RST)
Here is what I captured by Wireshark
And part of my configuration as follows
backend magpie_backend_1 mode tcp server magpie_server_1 X.X.X.X:39853 check frontend magpie_frontend_1 mode tcp bind 0.0.0.0:29853 acl site_dead nbsrv(magpie_backend_1) lt 1 tcp-request connection reject if site_dead default_backend magpie_backend_1