Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
Hi,
 
I've got a tough question here. Let me explain first explain the infrastructure in which it occurs.
 
Some of our clients operate with environments which utilise proxy servers, so access to our sites is done so via the proxy. They come through our DMZ and firewall to a NLB cluster which hosts an array of web servers.
 
Once roughly every six months, the set up develops a fault which only affects our clients using proxy servers.
 
When the fault happens. If a request from the proxy site, at the tcp/ip level is short enough to be transmitted within a single network packet, then an NLB node will receive the request and serve the response as requested.
 
If the request is longer than that which can be transmitted on a single network packet, none of the NLB nodes accept the 2nd packet and the request never reaches IIS.
 
When the fault occurs it affects all of the NLB nodes. But whilst the fault is occurring any site not behind a proxy can continue to use the site without fault.
 
Restarting the firewall fixes the issue, but we've been through the process with the manufacturer, running several traces and can see the firewall is behaving as expected.
 
Any thoughts would be much appreciated.
Posted 11-Jun-12 1:09am
Edited 11-Jun-12 1:19am
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 George Jonsson 175
1 Kornfeld Eliyahu Peter 169
2 Zoltán Zörgő 139
3 PIEBALDconsult 130
4 OriginalGriff 120
0 OriginalGriff 6,165
1 DamithSL 4,658
2 Maciej Los 4,107
3 Kornfeld Eliyahu Peter 3,649
4 Sergey Alexandrovich Kryukov 3,342


Advertise | Privacy | Mobile
Web02 | 2.8.141220.1 | Last Updated 11 Jun 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100