Problem with DNS lookup caching in reverse proxy

Hi everybody,
I am facing a problem which I cannot solve in a satisfying way and after
searching the known resources for a while I wonder if anyone has ever
solved a similar one.

Let me first describe the situation I have here.

I am using a reverse proxy installation to access a backend server
transparently. However, there are in fact two backend machines instead of
one and they are configured in a cold stand-by way meaning only one is
ever running.

Additionally there is a special dns-resolver which supplies the ip address
of only one of the backend machines depending on which one is running at
the moment during DNS name resolving. This works perfectly as I can check
each time after the switch-over with a simple nslookup command.

The definition of the reverse proxy clause is like this:

NameVirtualHost 192.168.100.10:443
<VirtualHost 192.168.100.10:443>
    SSLEngine ON
    SSLProxyEngine ON
    ProxyPass / https://backend.mydomain.com:8080/
    ProxyPassReverse / https://backend.mydomain.com:8080/
</VirtualHost>

Where 192.168.100.10 is the address of the reverse proxy machine and the
fully qualified name of backend.mydomain.com is the logical name of the
service which the dns-resolver resolves to either one of the backend
servers depending on their run status.

When I access the backend service over the reverse proxy the Apache server
running as the reverse proxy caches the IP address of the then running
backend server. Now if I switch the servers, shutting one down and
bringing the other up and updating the dns-resolver, I can see that the
dns-resolving mechanism works but the reverse proxy still uses the cached
IP address of the now defunct backend server.

I have tried to tackle the problem by supplying some parameters to the
ProxyPass clause.

While setting the option disablereuse=On helps to avoid the caching
problem, this is not really an option because it massively degrades the
performance during peak times.

Thus I tried the expiry option by setting smax=0 ttl=30.
I would have expected that this would expire all connections after they
were idle for 30 seconds which would be fine. But this seems not to work.

I have found a corresponding Bug #43371 where the possibility to set smax
to zero was enabled by a patch in the first place. I have analysed the
solution and have found no error with this patch. Nevertheless I think
there still might be a problem with this since some of the requests (But
not all!) are still using the "old" IP address.

Has anyone of you ever had a similar problem of cached DNS-resolved IP
addresses? Have you found any satisfactory solution? Any additional clues
for me? Any help would be greatly welcome.

Regards
Slawo


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
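
An added example, not part of the original post and not Apache code: one way to measure the symptom described above (some requests, but not all, still going to the old backend) is to compare what DNS returns now with the peers of the proxy's established connections on the backend port. The addresses 10.0.0.11 and 10.0.0.12 and the `ss -tn` sample are constructed for illustration; only the host name, proxy address and port 8080 come from the post.

```python
import ipaddress

BACKEND_PORT = 8080  # backend port from the ProxyPass line in the post

# Constructed sample: `ss -tn` output on the proxy after a switch-over.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
ESTAB  0      0      192.168.100.10:51512 10.0.0.11:8080
ESTAB  0      0      192.168.100.10:51514 10.0.0.12:8080
ESTAB  0      0      192.168.100.10:443   203.0.113.7:40022
ESTAB  0      0      192.168.100.10:51520 10.0.0.11:8080
ESTAB  0      0      [::ffff:192.168.100.10]:51522 [::ffff:10.0.0.12]:8080
"""

def split_hostport(endpoint):
    """Split 'ip:port' or '[v6]:port'; IPv4-mapped IPv6 is folded to IPv4."""
    host, _, port = endpoint.rpartition(":")
    ip = ipaddress.ip_address(host.strip("[]"))
    return (getattr(ip, "ipv4_mapped", None) or ip), int(port)

def stale_backend_connections(ss_output, current_ips, port=BACKEND_PORT):
    """Return (local, peer) pairs of established connections to `port`
    whose peer address is not among the currently resolved addresses."""
    current = {ipaddress.ip_address(ip) for ip in current_ips}
    stale = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "ESTAB":
            continue  # header line or a non-established socket
        peer_ip, peer_port = split_hostport(fields[4])
        if peer_port == port and peer_ip not in current:
            stale.append((fields[3], fields[4]))
    return stale

def stale_by_address(stale):
    """Count stale connections per old backend address."""
    counts = {}
    for _, peer in stale:
        ip = str(split_hostport(peer)[0])
        counts[ip] = counts.get(ip, 0) + 1
    return counts

if __name__ == "__main__":  # live check, run on the proxy host
    import socket, subprocess
    infos = socket.getaddrinfo("backend.mydomain.com", BACKEND_PORT, proto=socket.IPPROTO_TCP)
    now = {info[4][0] for info in infos}
    live = subprocess.run(["ss", "-tn"], capture_output=True, text=True).stdout
    for local, peer in stale_backend_connections(live, now):
        print(f"stale: {local} -> {peer} (DNS now says {sorted(now)})")
```

Run repeatedly after a switch-over, the count per old address shows whether stale connections drain once idle for the configured ttl or keep being re-created against the old IP.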