Troubleshooting 502 Bad Gateway

Hello, I’m new to HAProxy and have hit a snag while evaluating it against our backend. I have found a particular request that seems to generate a 502 Bad Gateway error and was hoping someone could provide some insight into what is returned from the stats port.

“show errors” returns…

[09/Nov/2018:01:44:24.028] backend http_back (#4): invalid response
frontend https_front (#3), server system1 (#1), event #0
src 10.6.7.100:52328, session #0, session flags 0x0000048e
HTTP msg state MSG_HDR_L2_LWS(24), msg flags 0x00000000, tx flags 0x28603000
HTTP chunk len 0 bytes, HTTP body len 0 bytes
buffer flags 0x80008023, out 0 bytes, total 8635 bytes
pending 8635 bytes, wrapping at 16384, error at position 8313:

…and the lines around position 8313…

08240 Access-Control-Allow-Credentials: true\r\n
08280 Access-Control-Allow-Methods: *\r\n
08313 Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type,
08383+ Accept, Pragma, Cache-Control, Cache, Expires\r\n
08430 Connection: close\r\n

As far as I can tell it all looks valid to me, and I certainly don’t have this issue when I make the same request via AWS ELB or ALB.

Any bright ideas for further troubleshooting?

Also - this is HAProxy v1.8.

Cheers,
-Paul

Which haproxy release exactly? Can you provide the output of haproxy -vv and overview of your configuration (are you using SSL, compression features, HTTP/2, etc)?

Are saying that you can reliably reproduce this with a certain request? Would you be willing to share a tcpdump capture (tcpdump -pns0 -w capture.cap host ) with me privately?

Are you using tune.bufsize in your configuration?

Thank you for replying lukastribus. I managed to finally work it out last night by upping tune.http.maxhdr parameter. It seems surprising that HAProxy cannot mention this specifically within any sort of error notification.

I guess it’s rare using more than 100 headers in a request or response, but I agree, this could have been more obvious.