Following is the configuration for the proxy (IPs in logs modified for privacy):
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
#stats timeout 30s
#user haproxy
#group haproxy
daemon
defaults
log global
mode tcp
option tcplog
option dontlognull
option logasap
timeout connect 50000
timeout client 50000
timeout server 50000
listen stats
maxconn 1000000
bind 0.0.0.0:8081
stats enable
mode http
stats realm Haproxy\ Statistics # Title text for popup window
stats uri /stats # Stats URI
stats auth stats:stats # Authentication credentials
frontend local
bind *:1900
bind *:443
tcp-request connection expect-proxy layer4 if { src -f /etc/haproxy/proxies.lst }
mode tcp
default_backend nodes
backend backnodes
mode tcp
balance roundrobin
source 0.0.0.0 usesrc clientip
server one 10.10.10.10:1900 check
proxies.lst has a single line 1.1.1.1
Clients are unable to connect, if I check logs I see the following line,
Jun 11 10:46:39 udasddg0 haproxy[16981]: 1.1.1.1:51000 [11/Jun/2018:10:43:19.855] local backnodes/one 1/-1/+200005 +0 sC 31/31/30/30/3 0/0
From what I understand:
sC means server timed out and client reset the connection after that
also looks like Tc= -1 which means that the actual server did not respond to the proxy.
If I follow tcp stream in wireshark on the proxy server I see that we are receiving the proxy info:
PROXY TCP4 2.2.2.2 3.3.3.3 53889 1900
Not sure why the connections are failing. Any suggestions would be appreciated.