Re: RDP Session Broker Redirect Token

Tue, 13 Aug 2013 04:41:56 -0700 

Just an update on this, it looks like there may be a small bug in the way
multiports work when used with RDP as if I specify the port on the real
servers as below it then works correctly.

listen TS-Farm
        bind 192.168.75.38:3389
        mode tcp
        balance leastconn
        persist rdp-cookie
        server backup 127.0.0.1:9081 backup  non-stick
        option tcpka
        tcp-request inspect-delay 5s
        tcp-request content accept if RDP_COOKIE
        timeout client 12h
        timeout server 12h
        option redispatch
        option abortonclose
        maxconn 40000
        log global
        option tcplog
        server TS01 192.168.75.36:3389  weight 1  check   inter 2000  rise 2
fall 3 minconn 0  maxconn 0  on-marked-down shutdown-sessions
        server TS02 192.168.75.37:3389  weight 1  check   inter 2000  rise 2
fall 3 minconn 0  maxconn 0  on-marked-down shutdown-sessions

It would appear that the when Session broker is in Use Token
Redirection mode you have to specify the RIP ports or you end up with
duplicate sessions.

Kind Regards,



On 12 August 2013 17:17, Mathew Levett <[email protected]> wrote:

> Hi all,
>
> We seam to have an issue with haproxy where if we set our TS servers to
> use "Use Token Redirection" instead of "Use IP Redirection (recommended)"
> it does not work.
>
> The configuration I am using is a follows
>
> listen TS-Farm
>       bind 192.168.75.38:3389
>       mode tcp
>       balance leastconn
>       persist rdp-cookie
>       server backup 127.0.0.1:9081 backup  non-stick
>       option tcpka
>       tcp-request inspect-delay 5s
>       tcp-request content accept if RDP_COOKIE
>       timeout client 12h
>       timeout server 12h
>       option redispatch
>       option abortonclose
>       maxconn 40000
>       log global
>       option tcplog
>       server TS01 192.168.75.36  weight 1  check port 3389  inter 2000  rise 
> 2  fall 3 minconn 0  maxconn 0  on-marked-down shutdown-sessions
>       server TS02 192.168.75.37  weight 1  check port 3389  inter 2000  rise 
> 2  fall 3 minconn 0  maxconn 0  on-marked-down shutdown-sessions
>
> However what I have noticed in packet captures is there seams to be both a 
> mstshash=USERNAME first in the stream and then a msts=Encoded IP after
>
> It seams that 70% of the time a user is reconnected to his disconnected 
> session correctly but the other 30% of the time they end up on any one of
>
> the other servers.  I am wondering if haproxy is triggering on the mstshash 
> instead of the msts as that seams to be sent after the mstnshash.
>
> Any help would be greatly received.
>
> Kind Regards.
>
>

Reply via email to