Websocket connection is closed/reconnected after 45s over traefik, not locally

Installation
1

Hello together,

I have HomeAssistant running as a docker container with traefik as my reverse proxy.
I have a very strange problem currently, which I only noticed because I integrated my rtsp cam into HASS. (But the Problem also appears without cam, just isnt visible)

Around every 60-90s the /api/Websocket connection to HASS is closed and immediately reconnected.
This only happens when I access my HASS Installation via FQDN over traefik.
If I connect directly over LAN-IP with the same browser this does not happen and the websocket connections lives forever.

I checked this with the developer Tools in chrome an noticed something.

When the websocket connection is closed the time for the ContentDownload is always exaclty 45s.
The “stalled” always different between 0-40s.

image
image799Ă—560 28.5 KB

After some googeling I found out that Chrome seems to have a 45s tcp keepalive intervall.

image
image1284Ă—235 22.5 KB

With this info I tried Firefox.
With Firefox the behaviour is different but also not perfect.
The Websocket connection also stops receiving events after 0-40s like in Chrome but it does not automatically reconnect 45s later.

Does anyone have some tipps to try?

my docker compose files:

version: '3'
services:
  app:
    image: ghcr.io/home-assistant/home-assistant:beta
    volumes:
      - config:/config
      - /etc/localtime:/etc/localtime:ro
    restart: unless-stopped
    network_mode: host
    labels:
      - traefik.enable=true
      - traefik.http.routers.homeassistant.rule=Host(`domain.tld`)
      - traefik.http.routers.homeassistant.entrypoints=websecure
      - traefik.http.services.homeassistant.loadbalancer.server.port=8123
      - traefik.http.routers.homeassistant.service=homeassistant

Traefik:

services:
  app:
    image: traefik:beaufort #tried  v2 and v3
    restart: always
    command:
      - --log.level=DEBUG
      - --accesslog=true
      - --api.dashboard=true
      - --experimental.http3=true 
      - --serverstransport.insecureskipverify=true
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=traefik_default
      - --providers.file=true
      - --providers.file.directory=/letsencrypt
      - --entrypoints.websecure.address=:443
      - --entrypoints.websecure.http3
      - --entrypoints.websecure.http3.advertisedPort=443
      - --experimental.http3=true
      - --entrypoints.websecure.http.tls=true
      - --entrypoints.websecure.http.tls.certresolver=leresolver
#These did not help 
      - --entryPoints.websecure.transport.respondingTimeouts.readTimeout=0
      - --entryPoints.websecure.transport.respondingTimeouts.writeTimeout=0
      - --entryPoints.websecure.transport.respondingTimeouts.idleTimeout=0     

    ports:
      - 443:443/tcp
      - 443:443/udp
    volumes:
      - certs:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro
    extra_hosts:
      - host.docker.internal:172.17.0.1
1 Like