Hi, I noticed an issue today. It might be obvious but to me it was troublesome.
Im running haproxy (kubernetes-ingress) using hostport. I protected a service (exposing an ingress) and used a group for allowing access from specific subnets. (servers are behind a F5 so forwarded headers are used)
client-a: blocked
client-b: allowed
1. request from client-a is blocked
2. request from client-b open
but running an request from client-a directly after request from client-b is not blocked(!). In haproxy I need to set
http-connection-mode: http-server-close
It seems that keep-alive from ingress to service breaks security.
Im not sure if this is an issue with nginx.
Appreciate any comments.