HAProxy, PROXY Protocol, and SSL extras

by marcantonio   Last Updated September 11, 2019 21:00 PM

I'm trying to set up HAProxy to pass on SSL information with PROXY protocol. So far I've been unsuccessful. My test config:

global
        chroot /tmp/haproxy-chroot
        log stderr format raw local0 debug

defaults
        mode tcp

frontend testpp
         bind *:5000
         mode tcp
         option tcplog
         option logasap
         log global
         timeout client 1s #15s
         default_backend nginx

backend nginx
        mode tcp
        log global
        timeout server 1s #20s
        timeout connect 1s #10s
        server nginx1 localhost:443 send-proxy-v2-ssl

However, when I run tcpdump, I don't see the extra data:

        0x0000:  4500 029e 0918 4000 4006 3140 7f00 0001  [email protected]@[email protected]
        0x0010:  7f00 0001 c55c 05a3 905c 04de 5983 fd53  .....\...\..Y..S
        0x0020:  8018 0156 0093 0000 0101 080a 96ee 0dcb  ...V............
        0x0030:  96ee 0dcb 0d0a 0d0a 000d 0a51 5549 540a  ...........QUIT.
        0x0040:  2111 0014 47a2 f3d2 0a01 015c d6b2 1388  !...G......\....
        0x0050:  2000 0500 0000 0000 1603 0102 4101 0002  ............A...
                                      ^-------------------TLS starts here

If I run with with just send-proxy-v2 (no -ssl) I see the exact same thing.

Am I missing something about how this should work?

Tags : ssl haproxy


Related Questions


haproxy.cfg 1.5.12 log file error

Updated May 03, 2015 22:00 PM

HAProxy track_script + nopreempt not working

Updated April 23, 2015 01:00 AM

HAProxy - forward to a different URI

Updated September 16, 2015 10:00 AM

HAproxy for load balancing vsFTPd servers

Updated September 25, 2015 11:00 AM