Hi Scott,
On Fri, Dec 21, 2007 at 10:46:22AM -0800, Scott Smith wrote:
> hi, i've implemented haproxy on a few sites here and have started seeing
> a large amount of "BADREQ" errors both in the stats page and haproxy log.
>
> here is an example:
>
> Dec 21 09:50:16 localhost.localdomain haproxy[14623]: n.n.n.n:58265
> [21/Dec/2007:09:50:16.261] mongrel-cluster mongrel-cluster/<NOSRV>
> -1/-1/-1/-1/1 -1 0 - - CR-- 1740/720/720/0 0/0 "<BADREQ>"
>
> based on the documentation, the client is getting disconnected too
> early. i set clitimeout higher but it had no effect.
>
> what can i do to eliminate these?
Nothing, the client is really the bad one here. Look at the timers : -1 for the request means the request was never completely sent 1 for the total time means that the total session lasted 1 ms CR means it was the client who closed the session before sending the request
You receive wrong or empty requests on your public port. In my opinion, and judging by the fact that the client almost instantly disconnects, you're just facing a TCP host or port scan.
You can try to capture ethernet traffic on the public interface if you want, then stop once you've got such a log. I'm almost sure that there's nothing sent, just SYN/SYN-ACK/RST.
Regards,
Willy
Received on 2007/12/21 21:24
This archive was generated by hypermail 2.2.0 : 2007/12/21 21:30 CET