Good evening folk of the discourse 
So … I’ve set up this abomination. Its an Apache front-end (for MODSECURITY) with a HAPROXY backend doing layer 4 load-balancing.
Because the back-end connections would use a single IP, i configured Apache and HAPROXY et al, to show and use the actual source IP of the incoming connection to balance on the back-end.
I tested it with two IP addresses on my internal network and it worked!
But now im finding its not quite doing the balancing as good.
Wondering if anyone can shed some light on it?
Here is my config:
frontend haproxy
bind 127.0.0.1:9000
mode tcp
default_backend haproxy-back
option tcplog
timeout client 1m
backend haproxy-back
mode tcp
fullconn 9999
option tcplog
timeout connect 1m
timeout server 1m
balance leastconn
source 0.0.0.0 usesrc clientip
stick-table type ip size 25m expire 60m
stick on src
server web01 192.168.0.1:80 check inter 30s
server web02 192.168.0.2:80 check inter 30s