I am using HAProxy 1.8 to balance in TCP mode between two or more Squid 4.7 servers.
To see the source IP of the clients in squid I set up:
http_port 3128 require-proxy-header
acl localnet src 192.168.20.1-192.168.20.254
proxy_protocol_access allow localnet
http_access allow localnet
And in HAProxy I set up:
defaults
global log
mode tcp
option tcplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend squid_in
bind *:3128
default_backend squid_pool
backend squid_pool
balance source
mode tcp
server proxy1 x.x.x.1:3128 check send-proxy inter 2000 rise 2 fall 3
server proxy2 x.x.x.2:3128 check send-proxy inter 2000 rise 2 fall 3
That’s the way it works for me. I can also see the IP origin of the clients in squid.
But the problem I have is that the HAProxy health checks leave me too many error messages in the squid log:
x.x.x.x NONE/000 0 NONE error:transaction-end-before-headers - HIER_NONE/- -
According to the documentation I understand that I need to configure my backend health checks so that they do not use the PROXY protocol.
But I don’t understand how to configure it.
Can someone who is more knowledgeable give me an idea of how to do it?
Thank you in advance for your help.
Best regards
Gabriel