6 02 2009
Apache, IIS and 502 proxy error
I have some servers in my network. There is one public Apache server that proxies requests to these servers. These servers are not directly visible from internet. Some of these servers run IIS and ASP.NET web applications. When accessing these servers through internet then sometimes Apache reports a problem: 502 proxy error.
After some digging in internet I found out what’s going on between Apache and IIS. There is very informative bug report in Apache issue tracker – Bug 37770 – proxy: error reading status line from remote server (null). Comment #17 states reason of error as follows:
The problem also only occurs for us when we use an IIS backend device, with an apache its ok. From a tcpdump the only diff I can see between the two sessions is that the IIS closes the connection when the keep-alive time out is reached with a TCP RST packet, while the apache does a Fin/Ack handshake. When IIS sends this RST packet the next request to the mod_proxy device that’s hits the worker with the RST connection returns the 502 error msg.
So, there is some misunderstandings between Apache proxy stuff and IIS. Although some guys suggest to use very long timeouts and hacks to Apache source code there is very simple fix that works very well for me. Make sure you have mod_env enabled and add these lines to Apache configuration file.
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
After restarting Apache server the communication between Apache and IIS should work fine. After these modifications I have seen no error 502 anymore.