Hi Willy, Thanks for the patch and the clarification. That makes total sense now and seams to work perfectly.....Untill you add a Remote Desktop Gateway server into the mix. when I then add that I go back to the same issue of sessions not being reconnected when going via the gateway server. however direct connections to the TS farm VIP are fine. its only when going though the Gateway server first that it breaks.
Packet captures on the loadbalancer show the same traffic for working and non working and they all include the token as expected but i just can not get the sessions that come in via the gateway to reconnect to existing sessions. Anyone have any ideas or seen this before? Kind Regards, On 13 August 2013 16:22, Willy Tarreau <w...@1wt.eu> wrote: > Hi Mathew, > > On Tue, Aug 13, 2013 at 12:40:43PM +0100, Mathew Levett wrote: > > Just an update on this, it looks like there may be a small bug in the way > > multiports work when used with RDP as if I specify the port on the real > > servers as below it then works correctly. > > > > listen TS-Farm > > bind 192.168.75.38:3389 > > mode tcp > > balance leastconn > > persist rdp-cookie > > server backup 127.0.0.1:9081 backup non-stick > > option tcpka > > tcp-request inspect-delay 5s > > tcp-request content accept if RDP_COOKIE > > timeout client 12h > > timeout server 12h > > option redispatch > > option abortonclose > > maxconn 40000 > > log global > > option tcplog > > server TS01 192.168.75.36:3389 weight 1 check inter 2000 > rise 2 > > fall 3 minconn 0 maxconn 0 on-marked-down shutdown-sessions > > server TS02 192.168.75.37:3389 weight 1 check inter 2000 > rise 2 > > fall 3 minconn 0 maxconn 0 on-marked-down shutdown-sessions > > > > It would appear that the when Session broker is in Use Token > > Redirection mode you have to specify the RIP ports or you end up with > > duplicate sessions. > > Hmmm good point. The RDP protocol transmits the port number in the cookie, > so it's a discriminant as well as the address. Thus, I think we should emit > a warning when "persist rdp-cookie" is used in a farm where at least one > server does not have an explicit port. > > Finally I've just done it with the attached patch. Kudos for catching this, > I know how hard it can be sometimes to track long-session persistence > issues! > > Best regards, > Willy > >
