[ https://issues.apache.org/jira/browse/TS-1424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13749618#comment-13749618 ]
Assaf Yaari commented on TS-1424: --------------------------------- I've attached "traffic.rar". You can see there the "Force close of client connect" logs and then the crash. > Transparent proxy with proxy.config.http.use_client_source_port==1 has > problems if the client is keep-alive and the origin server is not. > ----------------------------------------------------------------------------------------------------------------------------------------- > > Key: TS-1424 > URL: https://issues.apache.org/jira/browse/TS-1424 > Project: Traffic Server > Issue Type: Bug > Environment: 3.2 with transparent (TProxy) interception + > proxy.config.http.use_client_source_port = 1 > Reporter: B Wyatt > Assignee: Alan M. Carroll > Fix For: 4.1.0 > > Attachments: traffic.rar, ts-1424-3-2-x.diff > > > As keep-alive is hop-to-hop ATS will happily support client keep-alive in > instances where an Origin Server terminates the connection after each > transaction. > However, when using proxy.config.http.use_client_source_port this behavior > can cause some sites to break. > When the client is kept alive, subsequent requests are made rapidly and with > the same 4-tuple for addressing. Since ATS is trying to match the 4-tuple > (due to proxy.config.http.use_client_source_port) it enters a 3-way race > between: > # the FIN, FIN/ACK packets being exchanged with the origin server and the new > request packets from the client. If the OS is slow it is possible that ATS > will attempt to reconnect with the same port/address before the connection is > legitimately closed. > # Kernel timers for PAWS and recently closed sockets. This is different (and > much shorter) than the time-wait state and there is no way to disable it > # Everything working out just fine and the connection establishing like normal > The best repro case I've seen is a slow origin server that serves pages in > <frame> tags from the same host but does not support keep-alive > (http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp for > instance) > It is possible that simply respecting a servers keep-alive settings when > using proxy.config.http.use_client_source_port would work as the original > client would change the 4-tuple address for its next connection. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira