Click here to Skip to main content
12,394,573 members (71,184 online)
Rate this:
 
Please Sign up or sign in to vote.
Hi,

I've got a tough question here. Let me explain first explain the infrastructure in which it occurs.

Some of our clients operate with environments which utilise proxy servers, so access to our sites is done so via the proxy. They come through our DMZ and firewall to a NLB cluster which hosts an array of web servers.

Once roughly every six months, the set up develops a fault which only affects our clients using proxy servers.

When the fault happens. If a request from the proxy site, at the tcp/ip level is short enough to be transmitted within a single network packet, then an NLB node will receive the request and serve the response as requested.

If the request is longer than that which can be transmitted on a single network packet, none of the NLB nodes accept the 2nd packet and the request never reaches IIS.

When the fault occurs it affects all of the NLB nodes. But whilst the fault is occurring any site not behind a proxy can continue to use the site without fault.

Restarting the firewall fixes the issue, but we've been through the process with the manufacturer, running several traces and can see the firewall is behaving as expected.

Any thoughts would be much appreciated.
Posted 11-Jun-12 0:09am
Updated 11-Jun-12 0:19am
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Mobile
Web02 | 2.8.160721.1 | Last Updated 11 Jun 2012
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100