[jira] [Updated] (TS-1424) Transparent proxy with proxy.config.http.use_client_source_port==1 has problems if the client is keep-alive and the origin server is not.

[Leif Hedstrom (JIRA)]

     [ 
https://issues.apache.org/jira/browse/TS-1424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Leif Hedstrom updated TS-1424:
------------------------------

    Fix Version/s: 3.3.2
    
> Transparent proxy with proxy.config.http.use_client_source_port==1 has 
> problems if the client is keep-alive and the origin server is not.
> -----------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: TS-1424
>                 URL: https://issues.apache.org/jira/browse/TS-1424
>             Project: Traffic Server
>          Issue Type: Bug
>         Environment: 3.2 with transparent (TProxy) interception + 
> proxy.config.http.use_client_source_port = 1
>            Reporter: B Wyatt
>            Assignee: Alan M. Carroll
>             Fix For: 3.3.2
>
>
> As keep-alive is hop-to-hop ATS will happily support client keep-alive in 
> instances where an Origin Server terminates the connection after each 
> transaction. 
> However, when using proxy.config.http.use_client_source_port this behavior 
> can cause some sites to break.  
> When the client is kept alive, subsequent requests are made rapidly and with 
> the same 4-tuple for addressing.  Since ATS is trying to match the 4-tuple 
> (due to proxy.config.http.use_client_source_port) it enters a 3-way race 
> between: 
> # the FIN, FIN/ACK packets being exchanged with the origin server and the new 
> request packets from the client.  If the OS is slow it is possible that ATS 
> will attempt to reconnect with the same port/address before the connection is 
> legitimately closed.
> # Kernel timers for PAWS and recently closed sockets.  This is different (and 
> much shorter) than the time-wait state and there is no way to disable it
> # Everything working out just fine and the connection establishing like normal
> The best repro case I've seen is a slow origin server that serves pages in 
> <frame> tags from the same host but does not support keep-alive 
> (http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp for 
> instance)
> It is possible that simply respecting a servers keep-alive settings when 
> using proxy.config.http.use_client_source_port would work as the original 
> client would change the 4-tuple address for its next connection.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira