
If I open a TCP connection and don't send data, the idle timeout seems to be much longer, why?


I have two servers, one serves HTTP and the other serves HTTPS.

I opened a TCP connection to the HTTP server

nc http.server 80

It stayed open for a very long time and I had to CTRL+C. I can verify the connection opened and closed using tcpdump.

But if I send an HTTP request, the connection is closed after being idle for 10s, and I can also see that the server initiated the FIN handshake.

GET / HTTP1.1
Host: http.server

I did the same thing to the HTTPS server

openssl s_client -connect https.server:443 -servername https.server

A similar thing happened: if I don't send any request, the connection stays open for a long time, and once I send a request the connection is closed after 10s.

So my question is how do you explain this behavior? I only know that the two servers have HAProxy set up.


Solution

  • It is not that unusual to have a fairly long timeout when waiting for a request to start. This is most useful to keep a TCP connection alive between requests to speed the response to subsequent requests. It makes sense to keep a TCP connection around in case you need it soon.

    It is, however, unusual to pause in the middle of a request. That is much more likely to indicate that the connection isn't working correctly. Why would the client start sending a request if they weren't going to send the entire request? Also, the server is using more resources because it has to store the portions of the request that have already been sent. So it makes sense to use a much shorter timeout here.

    In summary, in the case of a new TCP connection, you are getting the "wait for start of request" timeout, which it makes sense to make fairly long. In the case of a partial request, you are getting the "stopped in the middle of a request" timeout, which it makes sense to keep fairly short.
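
An added example, not part of the original answer and not HAProxy's code: a toy local server with the two timers the answer describes, plus a probe that times how long the server waits before it closes the connection. The timeout values (1.0 s and 0.2 s) and all function names are constructed for the demonstration.

```python
import socket, threading, time

START_TIMEOUT = 1.0   # constructed value: wait for the first byte of a request
MID_TIMEOUT = 0.2     # constructed value: wait for the rest of a started request

def handle(conn):
    """Toy server side: long timer before any byte, short timer once a request has begun."""
    buf = b""
    try:
        while b"\r\n\r\n" not in buf:          # headers not yet terminated
            conn.settimeout(MID_TIMEOUT if buf else START_TIMEOUT)
            chunk = conn.recv(4096)
            if not chunk:                      # client closed first
                return
            buf += chunk
        conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n")
    except socket.timeout:
        pass                                   # timer expired: close below (server-initiated FIN)
    finally:
        conn.close()

def start_server():
    """Listen on an ephemeral loopback port and return that port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen()
    def loop():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn,), daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def seconds_until_server_closes(port, payload):
    """Connect, optionally send payload, then time how long until the server closes."""
    with socket.create_connection(("127.0.0.1", port)) as s:
        if payload:
            s.sendall(payload)
        s.settimeout(5)
        t0 = time.monotonic()
        while s.recv(4096):                    # returns b"" when the server's FIN arrives
            pass
        return time.monotonic() - t0

if __name__ == "__main__":
    port = start_server()
    partial = b"GET / HTTP/1.1\r\nHost: x\r\n"  # constructed: no blank line, so incomplete
    print("no data sent:   ", round(seconds_until_server_closes(port, b""), 2))
    print("partial request:", round(seconds_until_server_closes(port, partial), 2))
```

Against a real proxy, the same probe idea applies with the timers being whatever the operator configured; the values here say nothing about the asker's servers.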