Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Website spamming requests to traefik if api is down #230

Open
Brutus5000 opened this issue May 5, 2020 · 3 comments
Open

Website spamming requests to traefik if api is down #230

Brutus5000 opened this issue May 5, 2020 · 3 comments
Labels
Bug

Comments

@Brutus5000
Copy link
Member

Insights from the new test server, when the website on the old test server was still running:

faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39224: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39226: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39228: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39230: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39232: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39234: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39236: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39238: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39240: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39242: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39244: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39246: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39248: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39250: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39252: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39254: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39256: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39258: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39260: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39262: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"
faf-traefik_1            | time="2020-05-05T22:06:20Z" level=debug msg="http: TLS handshake error from 94.130.169.29:39264: strict SNI enabled - No certificate found for domain: \"api.test.faforever.com\", closing connection"

Causing significant load on Traefik for no reason.

Problem 1: Stop the spam if api is down
Problem 2: Use the internal dns instead of external DNS roundtrip
@Brutus5000 Brutus5000 added the Bug label May 5, 2020
@MrRowey MrRowey mentioned this issue Oct 19, 2021
Closed
13 tasks
@MrRowey
Copy link
Member

MrRowey commented Feb 18, 2022

@Brutus5000 is this still an issue ?

@Brutus5000
Copy link
Member Author

As far as I know yes.

@fcaps
Copy link
Collaborator

fcaps commented Dec 5, 2023

Problem 1: Stop the spam if api is down

cannot reproduce this anymore, can you guide me?

Problem 2: Use the internal dns instead of external DNS roundtrip

this can be fixed on the server via extra_hosts or similar config

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Brutus5000 @MrRowey @fcaps