ProxyPass and connection reset by peer

Hi all,

 

I am running httpd 1.3.37 on Linux 2.4.33.3 as a reverse proxy server fronting a corporate web portal to the Internet.  Lately, I have seen a rise in client complaints of web pages not loading completely, and when I check Apache logs I see several messages like the following directly tied to what the particular user was doing:

 

[Fri Feb  6 16:41:17 2009] [error] [client 11.222.333.444] (104)Connection reset by peer: proxy: error reading from https://www.someplace.com/irj/servlet/prt/portal/prtpos/com!252esap!252eportal!252enavigation!252eportallauncher!252edefault!7b!3b1!7d/prttarget/pcd!253aportal_content!252fcom!252ecooper!252efl_cooper_internal!252fcom!252ecooper!252efl_cooper_internal_iviews!252fcom!252ecooper!252eCooperCustomerCenter!252fcom!252ecooper!252eDesktop!252fcom!252ecooper!252eNewCCCDefaultDesktop!252fframeworkPages!252fcom!252ecooper!252eportal!252eNew_CCC_Light_Framework_Page.com!252esap!252eportal!252elightinnerpage.com!252ecooper!252eCCCContentAreaLight.content/prteventname/HtmlbEvent/prtroot/com.sap.portal.navigation.portallauncher.default

 

The connection path is    Browser -> [SSL] -> ReverseProxy -> [ProxyPass] -> [SSL] -> AppServer

 

When the reverse proxy is bypassed (i.e., accessed from the internal network) we don’t see this issue at all.  Feedback I’m getting from the apps people after comparing TCPDUMP traces is that the reverse proxy box is resetting connections instead of going through the normal FIN/ACK handshake process.  However, from the above error log entry, it appears that it is the app server which is resetting the connection.

 

My questions so far:

 

1) What is the above error really telling me?

2) Am I correct that the connection which was reset was RP -> appserver, and not browser -> RP?

3) Who is really resetting the connection, the RP or the app server?

4) This issue has been seen off and on for the past year, but has become worse in the past two months.  I theorize the problem to be increased traffic / volume-related, as this reverse proxy also services a few other domains.  Is there any information available on kernel (IP stack) or HTTP parameter tuning for such a server?

5) I see SSL config directives that allow me to limit which SSL protocol I will allow from the client.  Is there any way to force the SSL protocol (and even the encryption method) that I use when ProxyPass opens the socket to my app server?

Thanks!

Eric C. Webb
Sr. Systems Analyst / Unix System Administrator


Cooper Industries IT Solutions & Services
(770) 486-4623   FAX: (770) 486-4677
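
The volume theory in question 4 can be checked against the error log itself. The following is an added example, not part of the original post: it parses error_log lines in the layout quoted above and counts "(104)Connection reset by peer" proxy errors per hour and per upstream host, so the counts can be lined up against traffic. The sample lines, hosts and client addresses are constructed placeholders.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import urlsplit

# Layout as quoted in the post:
# [Fri Feb  6 16:41:17 2009] [error] [client IP] (104)Connection reset by peer: proxy: error reading from URL
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<client>[^\]]+)\] "
    r"\((?P<errno>\d+)\)(?P<errstr>[^:]+): proxy: error reading from (?P<url>\S+)"
)
ECONNRESET = 104  # Linux errno behind "Connection reset by peer"

def parse_line(line):
    """Return a dict for a proxy read-error line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    # The day of month is space padded in the log; collapse runs of spaces first.
    rec["ts"] = datetime.strptime(" ".join(rec["ts"].split()), "%a %b %d %H:%M:%S %Y")
    rec["errno"] = int(rec["errno"])
    rec["host"] = urlsplit(rec["url"]).hostname
    return rec

def reset_counts(lines):
    """Count ECONNRESET proxy errors per hour and per upstream host."""
    per_hour, per_host = Counter(), Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and rec["errno"] == ECONNRESET:
            per_hour[rec["ts"].strftime("%Y-%m-%d %H:00")] += 1
            per_host[rec["host"]] += 1
    return per_hour, per_host

# Constructed sample input (not taken from the poster's server).
SAMPLE = [
    "[Fri Feb  6 16:41:17 2009] [error] [client 192.0.2.10] (104)Connection reset by peer: proxy: error reading from https://app1.example/irj/portal",
    "[Fri Feb  6 16:55:02 2009] [error] [client 192.0.2.11] (104)Connection reset by peer: proxy: error reading from https://app1.example/irj/portal",
    "[Fri Feb  6 17:03:40 2009] [error] [client 192.0.2.12] (104)Connection reset by peer: proxy: error reading from https://app2.example/start",
    "[Fri Feb  6 17:04:00 2009] [error] [client 192.0.2.12] File does not exist: /var/www/favicon.ico",
    "[Fri Feb  6 17:09:30 2009] [error] [client 192.0.2.13] (110)Connection timed out: proxy: error reading from https://app1.example/irj/portal",
]

if __name__ == "__main__":
    hours, hosts = reset_counts(SAMPLE)
    for hour, n in sorted(hours.items()):
        print(hour, n)
    for host, n in hosts.most_common():
        print(host, n)
```

Feeding it the real error_log (for example `reset_counts(open(path))`) gives the same two counters; the path is whatever the ErrorLog directive points at.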
