了解HAProxy前端和后端当前会话状态

我已经configurationHAProxy一个单一的前端和后端，从统计页面我看到以下统计：

system limits: memmax = unlimited; ulimit-n = 20013 maxsocs = 20013; maxconn = 10000; maxpripes =0 current conns = 361; current pipes 0/0; conn rate = 27/sec Running tasks: 1/366; idle = 98% 

在会话前端部分，我看到：

 Cur: 360 Max: 427 Limit 2000 

在后端：

 Cur: 0 Max: 3 Limit: 2000 

为了简化，我附上了这个数字的形象：

• 对于给定的情况，您对软件负载平衡器或负载分配器有什么build议？
• HAProxy和Stunnel PCI合规性
• Haproxy不logging捕获的具有自定义日志格式的请求标头
• Haproxy中的很多FIN_WAIT2，CLOSE_WAIT，LAST_ACK和TIME_WAIT
• HAProxy将文件中的主机设置为acl

我不明白的是，为什么如果当前连接是： 361 ，后端有0 。

难道是由于timeout queue设置，HAproxy限制/排队传入的连接到一些如何保护后端？

如何知道前端联系后端的时间？

这是我正在使用的testingconfiguration：

 global maxconn 10000 spread-checks 3 log /var/run/log local0 notice daemon tune.ssl.default-dh-param 2048 ssl-default-bind-options no-sslv3 no-tls-tickets ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5:!DSS ssl-default-server-options no-sslv3 ssl-default-server-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5:!DSS defaults balance roundrobin option http-server-close option abortonclose option dontlognull mode http timeout check 3s timeout client 30s # Client and server timeout must match the longest timeout connect 5s timeout http-keep-alive 10s timeout http-request 10s # A complete request may never take that long. timeout queue 10s # Don't queue requests too long if saturated. timeout server 10s # Time we may wait for a response from the server. retries 3 log global errorfile 408 /dev/null frontend http-in bind *:80 option httplog option forwardfor if-none default_backend nodes-http backend nodes-http option httpchk GET / http-check disable-on-404 rspirep ^Cache-Control Cache-Control:\ public,\ max-age=60,\ must-revalidate server node1 :8000 maxconn 2000 check 

提前致谢。