I’m testing this to load balance a web applications however the developers are telling me that I cannot have vary: Accept-Encoding over the headers, if I use the web application directly on it’s web server indeed I don’t have that header but passing through HAProxy I get that.
Haproxy will set the Vary: Accept-Encoding header, if it compresses the response, which is required to avoid messing up intermediate downstream caching proxies:
Built with multi-threading support (MAX_THREADS=64, default=2).
Built with network namespace support.
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with zlib version : 1.2.7
Running on zlib version : 1.2.7
Compression algorithms supported : identity(“identity”), deflate(“deflate”), raw-deflate(“deflate”), gzip(“gzip”)
Built without PCRE or PCRE2 support (using libc’s regex instead)
Encrypted password support via crypt(3): yes
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available multiplexer protocols :
(protocols marked as cannot be specified using ‘proto’ keyword)
h2 : mode=HTX side=FE|BE mux=H2
h2 : mode=HTTP side=FE mux=H2
: mode=HTX side=FE|BE mux=H1
: mode=TCP|HTTP side=FE|BE mux=PASS
I see something about the use of zlib however in my configuration I don’t have any reference to compression actually I left it very simple just to see if the header would get disabled but it didn’t here’s my config.
global
log 127.0.0.1 local2
log 127.0.0.1 local2 notice
chroot /var/lib/haproxy
stats timeout 30s
maxconn 2000
user haproxy
group haproxy
daemon
In this configuration, haproxy will not add a Vary header. Make sure that there are no obsolete haproxy processes running in the background (with old configuration), this often happens as haproxy uses SO_REUSPORT, allowing the kernel to bind multiple processes to the same listening socket.
If you can guarantee that the only haproxy instance is running this specific configuration, I suggest you run curl -vv <affected-destination-URL> against haproxy and for comparison, against the backend directly. Provide the output of both and put it into code tags </> here.