Proxy Protocol and Timeout / Connection Refused

Hi Folks,

I’m running Kong as an Ingress controller on Linode LKE behind their NodeBalancer (as a layer 4 load balancer).

Everything works great, for the most part. Without proxy protocol, I have no problems and can process 900 requests per second without any problems. The only issue is that I can’t get the Client IP, and therefore, can’t rate limit, whitelist or blacklist IPs.

When I enable proxy protocol, things also seem great, but only for some time. After a while, I start to randomly get Connection Refused or timeouts, on the same HTTP calls that return a 200. So if I fire 10 HTTP calls to the same endpoint, 8 will be fine, 2 will not.

I have spent 10 days trying to find something in the logs, but naturally I cannot see failed requests in the logs because the logs are for stuff that has been served by Kong/Nginx, not something it refuses to or was unable serve.

So my question is, what changes in the ecosystem of Kong when Proxy Protocol is enabled. Does it use upstream latency any differently from when proxy protocol is not enabled? Could anything else only be firing when Proxy Protocol is enabled?

I’m using Ingress controller v1.2 and Kong v2.3 in the Kubernetes manifests on Kubernetes 1.20.5.

Any help would be much appreciated.

Thank you.

False Alarm. Just happened to be a bot attack that was almost sync’d with my testing proxy_protocol. Eventually it went out of sync.

1 Like

© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ