haproxy resolvers, DNS query not send / result NXDomain not expected (no replies)

Hi Remi and Baptiste / haproxy users,

Thanks for the quick fix for socket issues.

Haproxy now starts succesfull and sends some DNS requests successfully.
However the google backend server immediately go's down.
Not sure if its more or less the same issue reported by Conrad.?. Tried
his fix but that did not seem to solve the issue.

See below some tcpdump results with original haproxy code + Remi's patch.

The googlesite server is marked down almost imidiately after starting..
It does not seem to understand the 'NXDomain' reply?
The testsite2 does not send DNS query's, should it not send a dns query
every 10 seconds?

Or maybe i'm misinterpreting the 'hold valid' description?
Perhaps you guy's could take another look?

Thanks in advance, best regards,
PiBa-NL

Same environment as before (p.s. if you want to test it yourself, its
quite easy to install the OPNsense iso into a virtualbox machine, thats
how im testing it).
# uname -a
FreeBSD OPNsense.localdomain 10.1-RELEASE-p18 FreeBSD 10.1-RELEASE-p18
#0 71275cd(stable/15.7): Sun Aug 23 20:32:26 CEST 2015
root@sensey64:/usr/obj/usr/src/sys/SMP amd64
# haproxy -v
[ALERT] 249/200618 (55609) : SSLv3 support requested but unavailable.
HA-Proxy version 1.6-dev4-b7ce424 2015/09/03
Copyright 2000-2015 Willy Tarreau <willy@haproxy.org>

global
maxconn 100
defaults
mode http
timeout connect 30000
timeout server 30000
timeout client 30000
resolvers globalresolvers
nameserver googleA 8.8.8.8:53
resolve_retries 3
timeout retry 1s
hold valid 10s
listen www
bind 0.0.0.0:81
log global
server googlesite www.google.com:80 check inter 2000
resolvers globalresolvers
server testsite2 nu.nl:80 check inter 2000
resolvers globalresolvers

19:42:53.843549 IP 192.168.0.112.44128 > 8.8.8.8.53: 46758+ AAAA?
www.google.com. (32)
19:42:53.859410 IP 8.8.8.8.53 > 192.168.0.112.44128: 46758 1/0/0 AAAA
2a00:1450:4013:c01::93 (60)
19:42:53.859929 IP 192.168.0.112.42866 > 8.8.8.8.53: 57888+ A? nu.nl. (23)
19:42:53.877414 IP 8.8.8.8.53 > 192.168.0.112.42866: 57888 1/0/0 A
62.69.166.254 (39)
19:42:53.877693 IP 192.168.0.112.54655 > 8.8.8.8.53: 983+ AAAA? nu.nl. (23)
19:42:53.894598 IP 8.8.8.8.53 > 192.168.0.112.54655: 983 0/1/0 (89)
19:42:55.907078 IP 192.168.0.112.53716 > 8.8.8.8.53: 21069+ ANY?
www.google.com:80. (35)
19:42:55.924236 IP 8.8.8.8.53 > 192.168.0.112.53716: 21069 NXDomain
0/1/0 (110)
19:42:59.923338 IP 192.168.0.112.53716 > 8.8.8.8.53: 52649+ ANY?
www.google.com:80. (35)
19:42:59.940424 IP 8.8.8.8.53 > 192.168.0.112.53716: 52649 NXDomain
0/1/0 (110)
19:43:03.937163 IP 192.168.0.112.53716 > 8.8.8.8.53: 5746+ ANY?
www.google.com:80. (35)
19:43:03.955002 IP 8.8.8.8.53 > 192.168.0.112.53716: 5746 NXDomain 0/1/0
(110)
19:43:07.957851 IP 192.168.0.112.53716 > 8.8.8.8.53: 32478+ ANY?
www.google.com:80. (35)
19:43:07.973450 IP 8.8.8.8.53 > 192.168.0.112.53716: 32478 NXDomain
0/1/0 (110)
19:43:11.977145 IP 192.168.0.112.53716 > 8.8.8.8.53: 48547+ ANY?
www.google.com:80. (35)
19:43:11.994878 IP 8.8.8.8.53 > 192.168.0.112.53716: 48547 NXDomain
0/1/0 (110)
19:43:16.013370 IP 192.168.0.112.53716 > 8.8.8.8.53: 24088+ ANY?
www.google.com:80. (35)
19:43:16.033331 IP 8.8.8.8.53 > 192.168.0.112.53716: 24088 NXDomain
0/1/0 (110)
19:43:20.025739 IP 192.168.0.112.53716 > 8.8.8.8.53: 52900+ ANY?
www.google.com:80. (35)
19:43:20.041989 IP 8.8.8.8.53 > 192.168.0.112.53716: 52900 NXDomain
0/1/0 (110)
19:43:24.038682 IP 192.168.0.112.53716 > 8.8.8.8.53: 28729+ ANY?
www.google.com:80. (35)
19:43:24.055154 IP 8.8.8.8.53 > 192.168.0.112.53716: 28729 NXDomain
0/1/0 (110)
19:43:28.060200 IP 192.168.0.112.53716 > 8.8.8.8.53: 27289+ ANY?
www.google.com:80. (35)
19:43:28.076947 IP 8.8.8.8.53 > 192.168.0.112.53716: 27289 NXDomain
0/1/0 (110)
19:43:32.077052 IP 192.168.0.112.53716 > 8.8.8.8.53: 54796+ ANY?
www.google.com:80. (35)
19:43:32.092108 IP 8.8.8.8.53 > 192.168.0.112.53716: 54796 NXDomain
0/1/0 (110)
19:43:36.094322 IP 192.168.0.112.53716 > 8.8.8.8.53: 4256+ ANY?
www.google.com:80. (35)
19:43:36.111877 IP 8.8.8.8.53 > 192.168.0.112.53716: 4256 NXDomain 0/1/0
(110)
19:43:40.117106 IP 192.168.0.112.53716 > 8.8.8.8.53: 7297+ ANY?
www.google.com:80. (35)
19:43:40.132362 IP 8.8.8.8.53 > 192.168.0.112.53716: 7297 NXDomain 0/1/0
(110)
19:43:44.138071 IP 192.168.0.112.53716 > 8.8.8.8.53: 46840+ ANY?
www.google.com:80. (35)
19:43:44.154351 IP 8.8.8.8.53 > 192.168.0.112.53716: 46840 NXDomain
0/1/0 (110)
19:43:48.157131 IP 192.168.0.112.53716 > 8.8.8.8.53: 13717+ ANY?
www.google.com:80. (35)
19:43:48.173579 IP 8.8.8.8.53 > 192.168.0.112.53716: 13717 NXDomain
0/1/0 (110)
19:43:52.175307 IP 192.168.0.112.53716 > 8.8.8.8.53: 65214+ ANY?
www.google.com:80. (35)
19:43:52.192398 IP 8.8.8.8.53 > 192.168.0.112.53716: 65214 NXDomain
0/1/0 (110)

# haproxy -f /var/haproxy.cfg -d
[ALERT] 249/194253 (11160) : SSLv3 support requested but unavailable.
Available polling systems :
kqueue : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use kqueue.
Using kqueue() as the polling mechanism.
[WARNING] 249/194255 (11160) : Server www/googlesite is DOWN, reason:
Layer4 timeout, check duration: 2011ms. 1 active and 0 backup servers
left. 0 sessions active, 0 requeued, 0 remaining in queue.