For downloading certain files via haproxy I’m often, but not always, getting a term code CD. Asking the backend directly for this file, always works. It’s just an image of ~300kb and the response time is never high. So I’m wondering what’s going on here, how can I debug this?
In browsers it results in an image only partially shown. And using curl I get: curl: (18) transfer closed with 62685 bytes remaining to read
.
Feb 9 14:58:54 haproxy haproxy[6447]: 10.0.0.100:61330 [09/Feb/2022:14:58:54.516] www XXXX/XXXX 0/0/0/3/6 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb 9 14:58:54 haproxy haproxy[6447]: 10.0.0.100:61332 [09/Feb/2022:14:58:54.795] www XXXX/XXXX 0/0/0/4/7 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb 9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61334 [09/Feb/2022:14:58:55.080] www XXXX/XXXX 0/0/1/3/8 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb 9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61336 [09/Feb/2022:14:58:55.345] www XXXX/XXXX 0/0/1/3/7 200 325957 - - CD-- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb 9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61339 [09/Feb/2022:14:58:55.606] www XXXX/XXXX 0/0/0/3/6 200 325957 - - CD-- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb 9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61341 [09/Feb/2022:14:58:55.959] www XXXX/XXXX 0/0/1/4/8 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Please provide the configuration and the output of haproxy -vv
.
HAProxy version 2.4.11-1e183b8 2022/01/07 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.11.html
Running on: FreeBSD 13.0-RELEASE-p4 FreeBSD 13.0-RELEASE-p4 #0: Tue Aug 24 07:33:27 UTC 2021 root@amd64-builder.daemonology.net:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64
Build options :
TARGET = freebsd
CPU = generic
CC = cc
CFLAGS = -O2 -pipe -fstack-protector-strong -fno-strict-aliasing -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-address-of-packed-member -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-missing-field-initializers -Wno-string-plus-int -Wno-atomic-alignment -Wtype-limits -Wshift-negative-value -Wnull-dereference -DFREEBSD_PORTS
OPTIONS = USE_PCRE=1 USE_PCRE_JIT=1 USE_STATIC_PCRE=1 USE_GETADDRINFO=1 USE_OPENSSL=1 USE_ACCEPT4=1 USE_ZLIB=1 USE_CPU_AFFINITY=1
DEBUG =
Feature list : -EPOLL +KQUEUE -NETFILTER +PCRE +PCRE_JIT -PCRE2 -PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED -BACKTRACE +STATIC_PCRE -STATIC_PCRE2 +TPROXY -LINUX_TPROXY -LINUX_SPLICE +LIBCRYPT -CRYPT_H +GETADDRINFO +OPENSSL -LUA -FUTEX +ACCEPT4 +CLOSEFROM +ZLIB -SLZ +CPU_AFFINITY -TFO -NS -DL -RT -DEVICEATLAS -51DEGREES -WURFL -SYSTEMD -OBSOLETE_LINKER -PRCTL +PROCCTL -THREAD_DUMP -EVPORTS -OT -QUIC -PROMEX -MEMORY_PROFILING
Default settings :
bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with multi-threading support (MAX_THREADS=64, default=4).
Built with OpenSSL version : OpenSSL 1.1.1k-freebsd 24 Aug 2021
Running on OpenSSL version : OpenSSL 1.1.1k-freebsd 24 Aug 2021
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
Built with zlib version : 1.2.11
Running on zlib version : 1.2.11
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with transparent proxy support using: IP_BINDANY IPV6_BINDANY
Built with PCRE version : 8.45 2021-06-15
Running on PCRE version : 8.45 2021-06-15
PCRE library supports JIT : yes
Encrypted password support via crypt(3): yes
Built with clang compiler version 11.0.1 (git@github.com:llvm/llvm-project.git llvmorg-11.0.1-0-g43ff75f2c3fe)
Available polling systems :
kqueue : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use kqueue.
Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
h2 : mode=HTTP side=FE|BE mux=H2 flags=HTX|CLEAN_ABRT|HOL_RISK|NO_UPG
fcgi : mode=HTTP side=BE mux=FCGI flags=HTX|HOL_RISK|NO_UPG
h1 : mode=HTTP side=FE|BE mux=H1 flags=HTX|NO_UPG
<default> : mode=HTTP side=FE|BE mux=H1 flags=HTX
none : mode=TCP side=FE|BE mux=PASS flags=NO_UPG
<default> : mode=TCP side=FE|BE mux=PASS flags=
Available services : none
Available filters :
[SPOE] spoe
[CACHE] cache
[FCGI] fcgi-app
[COMP] compression
[TRACE] trace
And the config:
global
ssl-default-bind-options ssl-min-ver TLSv1.2 prefer-client-ciphers
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-ciphers ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES256:ECDH+AES128:!aNULL:!SHA1:!AESCCM:@SECLEVEL=2
ssl-default-server-options ssl-min-ver TLSv1.2
ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-server-ciphers ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES256:ECDH+AES128:!aNULL:!SHA1:!AESCCM:@SECLEVEL=2
ssl-dh-param-file /usr/local/etc/haproxy/dhparams.pem
tune.ssl.default-dh-param 2048
log /var/run/log local0
maxconn 4096
user www
group www
daemon
stats socket /var/run/haproxy.socket mode 600 expose-fd listeners level user
defaults
log global
mode http
compression algo gzip
compression type text/html text/plain text/css application/vnd.api+json application/json text/javascript
option httpchk GET /
option dontlognull
option forwardfor
option http-ignore-probes
option http-server-close
option httplog
option redispatch
timeout connect 5000
timeout client 50000
timeout server 50000
frontend www-ssl
bind 10.0.0.100:443 ssl strict-sni crt /usr/local/etc/haproxy/certs alpn h2,http/1.1
# Certbot
acl letsencrypt-acl path_beg /.well-known/acme-challenge
capture request header Host len 32
capture request header User-agent len 128
capture request header Content-Length len 100
capture request header Referer len 200
capture response header Cache-Control len 80
capture response header Location len 200
http-response add-header Strict-Transport-Security max-age=31536000
http-response add-header X-Content-Type-Options nosniff
http-response add-header Referrer-Policy strict-origin
http-response add-header X-Frame-Options SAMEORIGIN
http-response del-header Server
http-request redirect location https://%[hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map)]%[capture.req.uri] code 301 if ! letsencrypt-acl { hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map) -i -m found }
http-request add-header X-Forwarded-Proto https
use_backend letsencrypt-backend if letsencrypt-acl
use_backend %[ssl_fc_sni,lower,map_dom(/usr/local/etc/haproxy/https_domains.map)]
frontend www
bind 10.0.0.100:80
# Certbot
acl letsencrypt-acl path_beg /.well-known/acme-challenge
capture request header Host len 32 # idx 0
capture request header User-agent len 128
capture request header Content-Length len 100
capture request header Referer len 200
capture response header Cache-Control len 80
capture response header Location len 200
http-response add-header X-Content-Type-Options nosniff
http-response add-header Referrer-Policy strict-origin
http-response add-header X-Frame-Options SAMEORIGIN
http-response del-header Server
http-request redirect location http://%[hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map)]%[capture.req.uri] code 301 if ! letsencrypt-acl { req.hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map) -i -m found }
http-request redirect scheme https code 301 if !{ ssl_fc } ! letsencrypt-acl { req.hdr(host),lower,map_dom(/usr/local/etc/haproxy/https_domains.map) -m found }
use_backend letsencrypt-backend if letsencrypt-acl
use_backend %[req.hdr(host),lower,map_dom(/usr/local/etc/haproxy/http_domains.map)]
backend XXXX
server client-XXXX 10.0.0.13:4002
backend client_YYYYY
option httpchk GET /test
server client_YYYY 10.0.0.12:4000 check
backend varnish
server varnish 10.0.0.104:8080 send-proxy-v2
backend letsencrypt-backend
server letsencrypt 127.0.0.1:8000
Thanks!
Yeah, that’s a major bug in 2.4.11
, 2.4.12
was released 4 days after the 2.4.11
release to fix this. You should upgrade to 2.4.12
as soon as possible.
opened 12:02PM - 10 Jan 22 UTC
closed 10:00AM - 11 Jan 22 UTC
type: bug
severity: major
status: fixed
### Detailed Description of the Problem
Hello
I noticed today that haproxy… returns incorrect data on some calls since last update (2.4.11)
I've clients calling my haproxy, which then calls my apache servers. My apache servers return some content, haproxy returns it, and the md5 of the two content (apache response vs haproxy response) is not the same
I checked the 2 contents, the apache content is correct and for some reason haproxy modifies it.
In particular, the end of the file haproxy returns is full of 0x00 (when it isn't in the file apache returns)
The files returned by haproxy and apache2 have the same size though.
If I call haproxy multiple times requesting for the same content, the md5 will vary from time to time, so I guess the place in the content where all those 0x00 start appearing do change
### Expected Behavior
I expect the data returned by haproxy be the same as the data returned by the server it calls
### Steps to Reproduce the Behavior
Using the same config for haproxy as mine (in the next fields of the bug report), try to return the file contained in this zip
[apache6.zip](https://github.com/haproxy/haproxy/files/7838614/apache6.zip), using http
The content of the file will not be correct (here is what i got for instance) [response6.zip](https://github.com/haproxy/haproxy/files/7838623/response6.zip) (the file contained in the zip)
### Do you have any idea what may have caused this?
Latest update maybe be the cause, as I updated yesterday and users started to complain today.
Nevertheless, it's a bit hard in my configuration to rollback to previous haproxy version
### Do you have an idea how to solve the issue?
_No response_
### What is your configuration?
```haproxy
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 320000
tune.ssl.cachesize 1000000
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
lua-load /etc/haproxy/200.lua
defaults
log global
mode http
option httplog
timeout connect 10000
timeout client 60000
timeout server 60000
maxconn 320000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
frontend haproxynode
bind *:80
bind *:443 ssl crt /etc/ssl/<redacted>/<redacted>.com.pem
# Redirect if HTTPS is *not* used
redirect scheme https code 301 if { hdr(Host) -i <redacted> -i <redacted> } !{ ssl_fc }
acl health-endpoint-acl path_beg /haproxy/health
use_backend http_200 if health-endpoint-acl
acl repBack-acl hdr(host) -i <redacted> -i <redacted>:80
use_backend repBack if repBack-acl
default_backend backendnodes
# both request and response headers must be captured for filebeat to work
capture request header User-Agent len 256
capture request header Host len 256
capture response header CV len 15
backend backendnodes
balance roundrobin
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
http-response del-header server
option httpchk GET /health HTTP/1.1\r\nHost:<redacted>
timeout check 2000
option redispatch
retry-on empty-response
server www-0 <redacted> check maxconn 8192
server www-1 <redacted> check maxconn 8192
backend repBack
balance source
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
http-response del-header server
option httpchk GET /repBack/version HTTP/1.1\r\nHost:<redacted>
server repBack <redacted> check maxconn 1024
backend http_200
http-request use-service lua.200-response
listen stats
bind :32700
stats enable
stats uri /
```
### Output of `haproxy -vv`
```plain
HAProxy version 2.4.11-1ppa1~focal 2022/01/07 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.11.html
Running on: Linux 5.4.0-66-generic #74-Ubuntu SMP Wed Jan 27 22:54:38 UTC 2021 x86_64
Build options :
TARGET = linux-glibc
CPU = generic
CC = cc
CFLAGS = -O2 -g -O2 -fdebug-prefix-map=/build/haproxy-Z8Nhc7/haproxy-2.4.11=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-address-of-packed-member -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wno-cast-function-type -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference
OPTIONS = USE_PCRE2=1 USE_PCRE2_JIT=1 USE_OPENSSL=1 USE_LUA=1 USE_SLZ=1 USE_SYSTEMD=1 USE_PROMEX=1
DEBUG =
Feature list : +EPOLL -KQUEUE +NETFILTER -PCRE -PCRE_JIT +PCRE2 +PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED +BACKTRACE -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4 -CLOSEFROM -ZLIB +SLZ +CPU_AFFINITY +TFO +NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL +SYSTEMD -OBSOLETE_LINKER +PRCTL -PROCCTL +THREAD_DUMP -EVPORTS -OT -QUIC +PROMEX -MEMORY_PROFILING
Default settings :
bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with multi-threading support (MAX_THREADS=64, default=16).
Built with OpenSSL version : OpenSSL 1.1.1f 31 Mar 2020
Running on OpenSSL version : OpenSSL 1.1.1f 31 Mar 2020
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
Built with Lua version : Lua 5.3.3
Built with the Prometheus exporter as a service
Built with network namespace support.
Built with libslz for stateless compression.
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with PCRE2 version : 10.34 2019-11-21
PCRE2 library supports JIT : yes
Encrypted password support via crypt(3): yes
Built with gcc compiler version 9.3.0
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
h2 : mode=HTTP side=FE|BE mux=H2 flags=HTX|CLEAN_ABRT|HOL_RISK|NO_UPG
fcgi : mode=HTTP side=BE mux=FCGI flags=HTX|HOL_RISK|NO_UPG
<default> : mode=HTTP side=FE|BE mux=H1 flags=HTX
h1 : mode=HTTP side=FE|BE mux=H1 flags=HTX|NO_UPG
<default> : mode=TCP side=FE|BE mux=PASS flags=
none : mode=TCP side=FE|BE mux=PASS flags=NO_UPG
Available services : prometheus-exporter
Available filters :
[SPOE] spoe
[CACHE] cache
[FCGI] fcgi-app
[COMP] compression
[TRACE] trace
```
### Last Outputs and Backtraces
```plain
Haproxy did not crash so i don't think this is relevant
```
### Additional Information
The endpoint causing the issue in my config is the endpoint called "repBack"
opened 01:29PM - 10 Jan 22 UTC
closed 09:37AM - 11 Jan 22 UTC
type: bug
status: duplicate
### Detailed Description of the Problem
It looks like only 2.4.11 is affected. … In some cases, we noticed some partial responses for example via curl:
`* transfer closed with 14389 bytes remaining to read`
It indeed got only part of the response.
HAProxy logs an internal proxy error:
`somefrontend~ somebackend/someserver 0/0/1/0/3 200 117289 - - ID-- 91/11/2/2/0 0/0 {somehost|curl/7.29.0|||} "GET /de HTTP/1.1"
`
"I" is described as:
_I : an internal error was identified by the proxy during a self-check.
This should NEVER happen, and you are encouraged to report any log
containing this, because this would almost certainly be a bug. It
would be wise to preventively restart the process after such an
event too, in case it would be caused by memory corruption._
According to the logs it also doesn't seem to just affect curl but others as well.
It also affected several frontends/backends, not just specific ones.
### Expected Behavior
Transfer shouldn't be partial
### Steps to Reproduce the Behavior
Well, there is no good way yet to reproduce it. I have one CenOS Host, running 7.9.2009 and using their curl https://vault.centos.org/7.9.2009/os/Source/SPackages/curl-7.29.0-59.el7.src.rpm
I wasn't able to reproduce it on other hosts though. Even when using the same curl binary or building the same from source.
### Do you have any idea what may have caused this?
Something between 2.4.10 and 2.4.11 it seems
### Do you have an idea how to solve the issue?
_No response_
### What is your configuration?
```haproxy
non yet, due to containing sensitive details
```
### Output of `haproxy -vv`
```plain
HAProxy version 2.4.11-1e183b8 2022/01/07 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.11.html
Running on: Linux 5.10.0-10-amd64 #1 SMP Debian 5.10.84-1 (2021-12-08) x86_64
Build options :
TARGET = linux-glibc
CPU = generic
CC = cc
CFLAGS = -O2 -g -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wno-cast-function-type -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference
OPTIONS = USE_PCRE= USE_PCRE_JIT= USE_PCRE2=1 USE_PCRE2_JIT= USE_LIBCRYPT=1 USE_OPENSSL=1 USE_LUA=1 USE_ZLIB= USE_SLZ=1 USE_NS= USE_SYSTEMD=1 USE_PROMEX=1
DEBUG =
Feature list : +EPOLL -KQUEUE +NETFILTER -PCRE -PCRE_JIT +PCRE2 -PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED +BACKTRACE -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4 -CLOSEFROM -ZLIB +SLZ +CPU_AFFINITY +TFO -NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL +SYSTEMD -OBSOLETE_LINKER +PRCTL -PROCCTL +THREAD_DUMP -EVPORTS -OT -QUIC +PROMEX -MEMORY_PROFILING
Default settings :
bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with multi-threading support (MAX_THREADS=64, default=8).
Built with OpenSSL version : OpenSSL 1.1.1d 10 Sep 2019
Running on OpenSSL version : OpenSSL 1.1.1d 10 Sep 2019
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
Built with Lua version : Lua 5.3.3
Built with the Prometheus exporter as a service
Built with libslz for stateless compression.
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with PCRE2 version : 10.32 2018-09-10
PCRE2 library supports JIT : no (USE_PCRE2_JIT not set)
Encrypted password support via crypt(3): yes
Built with gcc compiler version 8.3.0
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
h2 : mode=HTTP side=FE|BE mux=H2 flags=HTX|CLEAN_ABRT|HOL_RISK|NO_UPG
fcgi : mode=HTTP side=BE mux=FCGI flags=HTX|HOL_RISK|NO_UPG
<default> : mode=HTTP side=FE|BE mux=H1 flags=HTX
h1 : mode=HTTP side=FE|BE mux=H1 flags=HTX|NO_UPG
<default> : mode=TCP side=FE|BE mux=PASS flags=
none : mode=TCP side=FE|BE mux=PASS flags=NO_UPG
Available services : prometheus-exporter
Available filters :
[SPOE] spoe
[CACHE] cache
[FCGI] fcgi-app
[COMP] compression
[TRACE] trace
```
### Last Outputs and Backtraces
```plain
somefrontend~ somebackend/someserver 0/0/1/0/3 200 117289 - - ID-- 91/11/2/2/0 0/0 {somehost|curl/7.29.0|||} "GET /de HTTP/1.1"
```
### Additional Information
_No response_
Oh wow, I did not notice that release. Works great after the upgrade! Thanks.
1 Like