Haproxy update from 1.6 to 2.0 slow tls handshake

Hi,

currently i have haproxy 1.6.15 on Ubuntu 16.04 serving 5 million sessions a day in fantastic performance. It works great!
I installed a new vm with ubuntu 20.04 and haproxy (2.0.13-2ubuntu0.1) and route traffic on that loadbalancer. I observed massive timeouts and connection issues in production so that i have to pull the plug and start the vm with the old haproxy in version 1.6.

The Config was the same one. I saw in my Browser Developer options that the TLS Handshake took 20 seconds and the Applications timed out. If i block all Traffic exept my test notebook all looks fine and the tls handshare was done in milliseconds and the application was fine. Under the load from all clients that handshake jumps back high and connection issues began.
The VM had the same Hardware ressources and there wasnt any botteleneck on the OS side. Old Haproxy works great without any performance problems

this is the running config:

global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 666 level admin
        stats timeout 30s
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private

        # Default ciphers to use on SSL-enabled listening sockets.
        # For more information, see ciphers(1SSL). This list is from:
        #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
        ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-GCM-SHA384:!AES128-GCM-SHA256:!AES256-GCM-SHA384
        ssl-default-bind-options no-sslv3
        tune.ssl.default-dh-param 2048

defaults
        log     global
        mode    tcp
        option  tcplog
        option  dontlognull
        option  redispatch
        option  log-separate-errors
        option  tcpka
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http

frontend http-in
        bind *:80 v4v6
        mode http
        option httplog
        option clitcpka
        redirect scheme https if !{ ssl_fc }

frontend https-in
        bind *:443 ssl crt /etc/ssl/haproxy/key.pem
        mode    http
        option httplog
        option clitcpka
        maxconn 10000                         #alctl: connection max (depends on capacity)

        # Define hosts
        acl host_mail_xxx hdr(host) -i mail.xxx.xxx
        acl host_autodiscover_yyy hdr(host) -i autodiscover.yyy.yyy
        acl host_autodiscover_zzz hdr(host) -i autodiscover.zzz.zzz

        ## figure out which one to use
        use_backend https_mail.xxx.xxx if host_mail_xxx
        use_backend https_mail.yyy.yyy if host_autodiscover_yyy
        use_backend https_mail.zzz.zzz if host_zzz_zzz

backend https_mail.xxx.xxx
        mode http
        option httplog
        balance roundrobin
        option httpchk GET /owa/healthcheck.htm
        server MSX01 192.168.1.1:80 maxconn 10000 check
        server MSX02 192.168.1.2:80 maxconn 10000 check
        server MSX03 192.168.1.3:80 maxconn 10000 check


listen  stats
        bind :9000
        mode            http
        log             global

        stats enable
#       stats hide-version
        stats refresh 30s
        stats show-node
        stats auth xxxxxxxx:xxxx
        stats uri  /lbstats
        stats admin if TRUE

Do you have any insight for me how to solve that thing? i dont know thy the new haproxy is so slow and the old one looks like it can server twice the requests without any issues

root@hal0021haproxy01:~# haproxy -vv
HA-Proxy version 1.6.15-1ppa1~xenial 2019/10/27
Copyright 2000-2019 Willy Tarreau willy@haproxy.org

Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2
OPTIONS = USE_ZLIB=1 USE_REGPARM=1 USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1 USE_NS=1

Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.8
Running on zlib version : 1.2.8
Compression algorithms supported : identity(“identity”), deflate(“deflate”), raw-deflate(“deflate”), gzip(“gzip”)
Built with OpenSSL version : OpenSSL 1.0.2g 1 Mar 2016
Running on OpenSSL version : OpenSSL 1.0.2g 1 Mar 2016
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built with PCRE version : 8.38 2015-11-23
Running on PCRE version : 8.43 2019-02-23
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built with Lua version : Lua 5.3.1
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with network namespace support

Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.