nginx returns 503 when it gets 403 from haproxy

CJ Ess zxcvbn4038 at gmail.com
Sat Apr 16 19:24:34 UTC 2016


It sounds like this is not as straight forward as I had hoped, I'll do like
Francis Daly said and put together a test case - I'll get some packet
captures to see what exactly is being sent between all the components.


On Fri, Apr 15, 2016 at 4:49 PM, Валентин Бартенев <vbart at nginx.com> wrote:

> On Thursday 14 April 2016 22:45:36 CJ Ess wrote:
> > In my environment I have Nginx terminating connections, then sending them
> > to an HAProxy upstream. We've noticed that whenever HAProxy emts a 403
> > error (Forbidden, in response to our ACL rules), NGINX reports a 503
> result
> > (service unavailable) and I believe is logging an "upstream prematurely
> > closed connection while reading response header from upstream" error
> > message in the nginx error log.
> >
> > What I'd really like to do is pass the 403 code back to the user - what
> do
> > I need to do?
>
> That message suggests that haproxy closes connection before properly
> returning
> headers.  So nginx can't pass 403 since it can't get it right from haproxy.
>
> You should check what is wrong with haproxy.
>
>   wbr, Valentin V. Bartenev
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20160416/2d16591e/attachment.html>


More information about the nginx mailing list