I understand your traffic flow is as follows:
Client ----> HaProxy ------> NLB --------> Three targets
So based on your notes, you ran a dig to the NLB DNS and you saw three IP addresses that are not of the targets. Please correct me if I misunderstood.
When running a dig to the ELB DNS, the IP Addresses that appears belong to the NLB nodes and not of the targets, hence you saw different IPs of the targets . For more information on NLB IPs, you can refer to the following document: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html
Enlisting the IP addresses of the targets, it changes your traffic flow as Client ----> HaProxy ---> Three targets. Your HaProxy hits the target directly without going through the load balancer. I would like to suggest, enlisting the NLB DNS name back and then troubleshoot the NLB issue.
You can refer to the following document on troubleshooting issues: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-troubleshooting.html
My Network Load Balancer is not enforcing the target Security groupasked 3 years ago
Connections time out of a client request to a Network Load Balancerasked 7 months ago
Why can an instance in a target group not reach itself via NLB?Accepted Answerasked 2 years ago
DNS not resolving correctlyasked 2 months ago
How to get traffic from a public API Gateway to a private one?Accepted Answerasked a month ago
What is the main differences between an load balancer and a autoscaling groupasked 4 days ago
Create ECS service using existing load balancer with existing target groupasked 6 months ago
inbound rule of security group for EC2 Instance in private subnetasked 8 months ago
Cannot select a target group with alb target type when creating an application load balancerAccepted Answerasked a month ago
ECS fails to remove a task from the load balancer target group?asked 3 months ago