How to debug term code CD?

jeffrey · February 9, 2022, 3:04pm

For downloading certain files via haproxy I’m often, but not always, getting a term code CD. Asking the backend directly for this file, always works. It’s just an image of ~300kb and the response time is never high. So I’m wondering what’s going on here, how can I debug this?

In browsers it results in an image only partially shown. And using curl I get: curl: (18) transfer closed with 62685 bytes remaining to read.

Feb  9 14:58:54 haproxy haproxy[6447]: 10.0.0.100:61330 [09/Feb/2022:14:58:54.516] www XXXX/XXXX 0/0/0/3/6 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb  9 14:58:54 haproxy haproxy[6447]: 10.0.0.100:61332 [09/Feb/2022:14:58:54.795] www XXXX/XXXX 0/0/0/4/7 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb  9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61334 [09/Feb/2022:14:58:55.080] www XXXX/XXXX 0/0/1/3/8 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb  9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61336 [09/Feb/2022:14:58:55.345] www XXXX/XXXX 0/0/1/3/7 200 325957 - - CD-- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb  9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61339 [09/Feb/2022:14:58:55.606] www XXXX/XXXX 0/0/0/3/6 200 325957 - - CD-- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"
Feb  9 14:58:55 haproxy haproxy[6447]: 10.0.0.100:61341 [09/Feb/2022:14:58:55.959] www XXXX/XXXX 0/0/1/4/8 200 325957 - - ---- 7/3/0/0/0 0/0 {XXXX|curl/7.80.0||} {|} "GET /images/temp/bg-00.jpg HTTP/1.1"

lukastribus · February 9, 2022, 8:16pm

Please provide the configuration and the output of haproxy -vv.

jeffrey · February 9, 2022, 8:37pm

HAProxy version 2.4.11-1e183b8 2022/01/07 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.11.html
Running on: FreeBSD 13.0-RELEASE-p4 FreeBSD 13.0-RELEASE-p4 #0: Tue Aug 24 07:33:27 UTC 2021     root@amd64-builder.daemonology.net:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64
Build options :
  TARGET  = freebsd
  CPU     = generic
  CC      = cc
  CFLAGS  = -O2 -pipe -fstack-protector-strong -fno-strict-aliasing -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-address-of-packed-member -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-missing-field-initializers -Wno-string-plus-int -Wno-atomic-alignment -Wtype-limits -Wshift-negative-value -Wnull-dereference -DFREEBSD_PORTS
  OPTIONS = USE_PCRE=1 USE_PCRE_JIT=1 USE_STATIC_PCRE=1 USE_GETADDRINFO=1 USE_OPENSSL=1 USE_ACCEPT4=1 USE_ZLIB=1 USE_CPU_AFFINITY=1
  DEBUG   =

Feature list : -EPOLL +KQUEUE -NETFILTER +PCRE +PCRE_JIT -PCRE2 -PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED -BACKTRACE +STATIC_PCRE -STATIC_PCRE2 +TPROXY -LINUX_TPROXY -LINUX_SPLICE +LIBCRYPT -CRYPT_H +GETADDRINFO +OPENSSL -LUA -FUTEX +ACCEPT4 +CLOSEFROM +ZLIB -SLZ +CPU_AFFINITY -TFO -NS -DL -RT -DEVICEATLAS -51DEGREES -WURFL -SYSTEMD -OBSOLETE_LINKER -PRCTL +PROCCTL -THREAD_DUMP -EVPORTS -OT -QUIC -PROMEX -MEMORY_PROFILING

Default settings :
  bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with multi-threading support (MAX_THREADS=64, default=4).
Built with OpenSSL version : OpenSSL 1.1.1k-freebsd  24 Aug 2021
Running on OpenSSL version : OpenSSL 1.1.1k-freebsd  24 Aug 2021
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
Built with zlib version : 1.2.11
Running on zlib version : 1.2.11
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with transparent proxy support using: IP_BINDANY IPV6_BINDANY
Built with PCRE version : 8.45 2021-06-15
Running on PCRE version : 8.45 2021-06-15
PCRE library supports JIT : yes
Encrypted password support via crypt(3): yes
Built with clang compiler version 11.0.1 (git@github.com:llvm/llvm-project.git llvmorg-11.0.1-0-g43ff75f2c3fe)

Available polling systems :
     kqueue : pref=300,  test result OK
       poll : pref=200,  test result OK
     select : pref=150,  test result OK
Total: 3 (3 usable), will use kqueue.

Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
              h2 : mode=HTTP       side=FE|BE     mux=H2       flags=HTX|CLEAN_ABRT|HOL_RISK|NO_UPG
            fcgi : mode=HTTP       side=BE        mux=FCGI     flags=HTX|HOL_RISK|NO_UPG
              h1 : mode=HTTP       side=FE|BE     mux=H1       flags=HTX|NO_UPG
       <default> : mode=HTTP       side=FE|BE     mux=H1       flags=HTX
            none : mode=TCP        side=FE|BE     mux=PASS     flags=NO_UPG
       <default> : mode=TCP        side=FE|BE     mux=PASS     flags=

Available services : none

Available filters :
        [SPOE] spoe
        [CACHE] cache
        [FCGI] fcgi-app
        [COMP] compression
        [TRACE] trace

And the config:

global
  ssl-default-bind-options ssl-min-ver TLSv1.2 prefer-client-ciphers
  ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
  ssl-default-bind-ciphers ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES256:ECDH+AES128:!aNULL:!SHA1:!AESCCM:@SECLEVEL=2

  ssl-default-server-options ssl-min-ver TLSv1.2
  ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
  ssl-default-server-ciphers ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES256:ECDH+AES128:!aNULL:!SHA1:!AESCCM:@SECLEVEL=2

  ssl-dh-param-file /usr/local/etc/haproxy/dhparams.pem
  tune.ssl.default-dh-param  2048

  log /var/run/log local0
  maxconn 4096
  user www
  group www
  daemon
  stats socket /var/run/haproxy.socket mode 600 expose-fd listeners level user

defaults
  log global
  mode http

  compression algo gzip
  compression type text/html text/plain text/css application/vnd.api+json application/json text/javascript

  option httpchk GET /

  option dontlognull
  option forwardfor
  option http-ignore-probes
  option http-server-close
  option httplog
  option redispatch

  timeout connect 5000
  timeout client  50000
  timeout server  50000


frontend www-ssl
  bind 10.0.0.100:443 ssl strict-sni crt /usr/local/etc/haproxy/certs alpn h2,http/1.1

  # Certbot
  acl letsencrypt-acl path_beg /.well-known/acme-challenge

  capture request header Host len 32
  capture request header User-agent len 128
  capture request header Content-Length len 100
  capture request header Referer len 200
  capture response header Cache-Control len 80
  capture response header Location len 200

  http-response add-header Strict-Transport-Security max-age=31536000
  http-response add-header X-Content-Type-Options nosniff
  http-response add-header Referrer-Policy strict-origin
  http-response add-header X-Frame-Options SAMEORIGIN
  http-response del-header Server

  http-request redirect location https://%[hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map)]%[capture.req.uri] code 301 if ! letsencrypt-acl { hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map) -i -m found }
  http-request add-header X-Forwarded-Proto https

  use_backend letsencrypt-backend if letsencrypt-acl
  use_backend %[ssl_fc_sni,lower,map_dom(/usr/local/etc/haproxy/https_domains.map)]

frontend www
  bind 10.0.0.100:80

  # Certbot
  acl letsencrypt-acl path_beg /.well-known/acme-challenge

  capture request header Host len 32  # idx 0
  capture request header User-agent len 128
  capture request header Content-Length len 100
  capture request header Referer len 200
  capture response header Cache-Control len 80
  capture response header Location len 200

  http-response add-header X-Content-Type-Options nosniff
  http-response add-header Referrer-Policy strict-origin
  http-response add-header X-Frame-Options SAMEORIGIN
  http-response del-header Server

  http-request redirect location http://%[hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map)]%[capture.req.uri] code 301 if ! letsencrypt-acl { req.hdr(host),map(/usr/local/etc/haproxy/rewrite_domains.map) -i -m found }

  http-request redirect scheme https code 301 if !{ ssl_fc } ! letsencrypt-acl { req.hdr(host),lower,map_dom(/usr/local/etc/haproxy/https_domains.map) -m found }

  use_backend letsencrypt-backend if letsencrypt-acl
  use_backend %[req.hdr(host),lower,map_dom(/usr/local/etc/haproxy/http_domains.map)]

backend XXXX
  server client-XXXX 10.0.0.13:4002


backend client_YYYYY
  option httpchk GET /test
  server client_YYYY 10.0.0.12:4000 check

backend varnish
  server varnish 10.0.0.104:8080 send-proxy-v2

backend letsencrypt-backend
  server letsencrypt 127.0.0.1:8000

Thanks!

lukastribus · February 9, 2022, 9:01pm

Yeah, that’s a major bug in 2.4.11, 2.4.12 was released 4 days after the 2.4.11 release to fix this. You should upgrade to 2.4.12 as soon as possible.

github.com/haproxy/haproxy

HAProxy returns incorrect (ending with tons of 0x00) content

opened 12:02PM - 10 Jan 22 UTC

closed 10:00AM - 11 Jan 22 UTC

trebonius0

type: bug severity: major status: fixed

### Detailed Description of the Problem Hello I noticed today that haproxy… returns incorrect data on some calls since last update (2.4.11) I've clients calling my haproxy, which then calls my apache servers. My apache servers return some content, haproxy returns it, and the md5 of the two content (apache response vs haproxy response) is not the same I checked the 2 contents, the apache content is correct and for some reason haproxy modifies it. In particular, the end of the file haproxy returns is full of 0x00 (when it isn't in the file apache returns) The files returned by haproxy and apache2 have the same size though. If I call haproxy multiple times requesting for the same content, the md5 will vary from time to time, so I guess the place in the content where all those 0x00 start appearing do change ### Expected Behavior I expect the data returned by haproxy be the same as the data returned by the server it calls ### Steps to Reproduce the Behavior Using the same config for haproxy as mine (in the next fields of the bug report), try to return the file contained in this zip [apache6.zip](https://github.com/haproxy/haproxy/files/7838614/apache6.zip), using http The content of the file will not be correct (here is what i got for instance) [response6.zip](https://github.com/haproxy/haproxy/files/7838623/response6.zip) (the file contained in the zip) ### Do you have any idea what may have caused this? Latest update maybe be the cause, as I updated yesterday and users started to complain today. Nevertheless, it's a bit hard in my configuration to rollback to previous haproxy version ### Do you have an idea how to solve the issue? _No response_ ### What is your configuration? ```haproxy global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners stats timeout 30s user haproxy group haproxy daemon maxconn 320000 tune.ssl.cachesize 1000000 ca-base /etc/ssl/certs crt-base /etc/ssl/private ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS ssl-default-bind-options no-sslv3 lua-load /etc/haproxy/200.lua defaults log global mode http option httplog timeout connect 10000 timeout client 60000 timeout server 60000 maxconn 320000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend haproxynode bind *:80 bind *:443 ssl crt /etc/ssl/<redacted>/<redacted>.com.pem # Redirect if HTTPS is *not* used redirect scheme https code 301 if { hdr(Host) -i <redacted> -i <redacted> } !{ ssl_fc } acl health-endpoint-acl path_beg /haproxy/health use_backend http_200 if health-endpoint-acl acl repBack-acl hdr(host) -i <redacted> -i <redacted>:80 use_backend repBack if repBack-acl default_backend backendnodes # both request and response headers must be captured for filebeat to work capture request header User-Agent len 256 capture request header Host len 256 capture response header CV len 15 backend backendnodes balance roundrobin option forwardfor http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } http-response del-header server option httpchk GET /health HTTP/1.1\r\nHost:<redacted> timeout check 2000 option redispatch retry-on empty-response server www-0 <redacted> check maxconn 8192 server www-1 <redacted> check maxconn 8192 backend repBack balance source option forwardfor http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } http-response del-header server option httpchk GET /repBack/version HTTP/1.1\r\nHost:<redacted> server repBack <redacted> check maxconn 1024 backend http_200 http-request use-service lua.200-response listen stats bind :32700 stats enable stats uri / ``` ### Output of `haproxy -vv` ```plain HAProxy version 2.4.11-1ppa1~focal 2022/01/07 - https://haproxy.org/ Status: long-term supported branch - will stop receiving fixes around Q2 2026. Known bugs: http://www.haproxy.org/bugs/bugs-2.4.11.html Running on: Linux 5.4.0-66-generic #74-Ubuntu SMP Wed Jan 27 22:54:38 UTC 2021 x86_64 Build options : TARGET = linux-glibc CPU = generic CC = cc CFLAGS = -O2 -g -O2 -fdebug-prefix-map=/build/haproxy-Z8Nhc7/haproxy-2.4.11=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-address-of-packed-member -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wno-cast-function-type -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference OPTIONS = USE_PCRE2=1 USE_PCRE2_JIT=1 USE_OPENSSL=1 USE_LUA=1 USE_SLZ=1 USE_SYSTEMD=1 USE_PROMEX=1 DEBUG = Feature list : +EPOLL -KQUEUE +NETFILTER -PCRE -PCRE_JIT +PCRE2 +PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED +BACKTRACE -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4 -CLOSEFROM -ZLIB +SLZ +CPU_AFFINITY +TFO +NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL +SYSTEMD -OBSOLETE_LINKER +PRCTL -PROCCTL +THREAD_DUMP -EVPORTS -OT -QUIC +PROMEX -MEMORY_PROFILING Default settings : bufsize = 16384, maxrewrite = 1024, maxpollevents = 200 Built with multi-threading support (MAX_THREADS=64, default=16). Built with OpenSSL version : OpenSSL 1.1.1f 31 Mar 2020 Running on OpenSSL version : OpenSSL 1.1.1f 31 Mar 2020 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3 Built with Lua version : Lua 5.3.3 Built with the Prometheus exporter as a service Built with network namespace support. Built with libslz for stateless compression. Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Built with PCRE2 version : 10.34 2019-11-21 PCRE2 library supports JIT : yes Encrypted password support via crypt(3): yes Built with gcc compiler version 9.3.0 Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available multiplexer protocols : (protocols marked as <default> cannot be specified using 'proto' keyword) h2 : mode=HTTP side=FE|BE mux=H2 flags=HTX|CLEAN_ABRT|HOL_RISK|NO_UPG fcgi : mode=HTTP side=BE mux=FCGI flags=HTX|HOL_RISK|NO_UPG <default> : mode=HTTP side=FE|BE mux=H1 flags=HTX h1 : mode=HTTP side=FE|BE mux=H1 flags=HTX|NO_UPG <default> : mode=TCP side=FE|BE mux=PASS flags= none : mode=TCP side=FE|BE mux=PASS flags=NO_UPG Available services : prometheus-exporter Available filters : [SPOE] spoe [CACHE] cache [FCGI] fcgi-app [COMP] compression [TRACE] trace ``` ### Last Outputs and Backtraces ```plain Haproxy did not crash so i don't think this is relevant ``` ### Additional Information The endpoint causing the issue in my config is the endpoint called "repBack"

github.com/haproxy/haproxy

HAProxy 2.4.11 incomplete responses

opened 01:29PM - 10 Jan 22 UTC

closed 09:37AM - 11 Jan 22 UTC

idl0r

type: bug status: duplicate

### Detailed Description of the Problem It looks like only 2.4.11 is affected. …In some cases, we noticed some partial responses for example via curl: `* transfer closed with 14389 bytes remaining to read` It indeed got only part of the response. HAProxy logs an internal proxy error: `somefrontend~ somebackend/someserver 0/0/1/0/3 200 117289 - - ID-- 91/11/2/2/0 0/0 {somehost|curl/7.29.0|||} "GET /de HTTP/1.1" ` "I" is described as: _I : an internal error was identified by the proxy during a self-check. This should NEVER happen, and you are encouraged to report any log containing this, because this would almost certainly be a bug. It would be wise to preventively restart the process after such an event too, in case it would be caused by memory corruption._ According to the logs it also doesn't seem to just affect curl but others as well. It also affected several frontends/backends, not just specific ones. ### Expected Behavior Transfer shouldn't be partial ### Steps to Reproduce the Behavior Well, there is no good way yet to reproduce it. I have one CenOS Host, running 7.9.2009 and using their curl https://vault.centos.org/7.9.2009/os/Source/SPackages/curl-7.29.0-59.el7.src.rpm I wasn't able to reproduce it on other hosts though. Even when using the same curl binary or building the same from source. ### Do you have any idea what may have caused this? Something between 2.4.10 and 2.4.11 it seems ### Do you have an idea how to solve the issue? _No response_ ### What is your configuration? ```haproxy non yet, due to containing sensitive details ``` ### Output of `haproxy -vv` ```plain HAProxy version 2.4.11-1e183b8 2022/01/07 - https://haproxy.org/ Status: long-term supported branch - will stop receiving fixes around Q2 2026. Known bugs: http://www.haproxy.org/bugs/bugs-2.4.11.html Running on: Linux 5.10.0-10-amd64 #1 SMP Debian 5.10.84-1 (2021-12-08) x86_64 Build options : TARGET = linux-glibc CPU = generic CC = cc CFLAGS = -O2 -g -Wall -Wextra -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wno-cast-function-type -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference OPTIONS = USE_PCRE= USE_PCRE_JIT= USE_PCRE2=1 USE_PCRE2_JIT= USE_LIBCRYPT=1 USE_OPENSSL=1 USE_LUA=1 USE_ZLIB= USE_SLZ=1 USE_NS= USE_SYSTEMD=1 USE_PROMEX=1 DEBUG = Feature list : +EPOLL -KQUEUE +NETFILTER -PCRE -PCRE_JIT +PCRE2 -PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED +BACKTRACE -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4 -CLOSEFROM -ZLIB +SLZ +CPU_AFFINITY +TFO -NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL +SYSTEMD -OBSOLETE_LINKER +PRCTL -PROCCTL +THREAD_DUMP -EVPORTS -OT -QUIC +PROMEX -MEMORY_PROFILING Default settings : bufsize = 16384, maxrewrite = 1024, maxpollevents = 200 Built with multi-threading support (MAX_THREADS=64, default=8). Built with OpenSSL version : OpenSSL 1.1.1d 10 Sep 2019 Running on OpenSSL version : OpenSSL 1.1.1d 10 Sep 2019 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3 Built with Lua version : Lua 5.3.3 Built with the Prometheus exporter as a service Built with libslz for stateless compression. Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Built with PCRE2 version : 10.32 2018-09-10 PCRE2 library supports JIT : no (USE_PCRE2_JIT not set) Encrypted password support via crypt(3): yes Built with gcc compiler version 8.3.0 Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available multiplexer protocols : (protocols marked as <default> cannot be specified using 'proto' keyword) h2 : mode=HTTP side=FE|BE mux=H2 flags=HTX|CLEAN_ABRT|HOL_RISK|NO_UPG fcgi : mode=HTTP side=BE mux=FCGI flags=HTX|HOL_RISK|NO_UPG <default> : mode=HTTP side=FE|BE mux=H1 flags=HTX h1 : mode=HTTP side=FE|BE mux=H1 flags=HTX|NO_UPG <default> : mode=TCP side=FE|BE mux=PASS flags= none : mode=TCP side=FE|BE mux=PASS flags=NO_UPG Available services : prometheus-exporter Available filters : [SPOE] spoe [CACHE] cache [FCGI] fcgi-app [COMP] compression [TRACE] trace ``` ### Last Outputs and Backtraces ```plain somefrontend~ somebackend/someserver 0/0/1/0/3 200 117289 - - ID-- 91/11/2/2/0 0/0 {somehost|curl/7.29.0|||} "GET /de HTTP/1.1" ``` ### Additional Information _No response_

jeffrey · February 9, 2022, 9:23pm

Oh wow, I did not notice that release. Works great after the upgrade! Thanks.

Topic		Replies	Views
Haproxy removes the "Reason-Phrase" from the HTTP response status code Help!	6	832	June 24, 2020
False responses to site requests through Help!	1	188	April 9, 2023
How to keep error response code from backend? Help!	9	5995	April 18, 2017
Curl not closed when 204 No-Content and Transfer-Encoding: chunked through haproxy Help!	1	1341	August 27, 2017
Proxy Protocol V2 Help!	1	623	December 24, 2017

How to debug term code CD?

Related Topics