Apache, IIS and 502 proxy error

I have some servers in my network. There is one public Apache server that proxies requests to these servers. These servers are not directly visible from internet. Some of these servers run IIS and ASP.NET web applications. When accessing these servers through internet then sometimes Apache reports a problem: 502 proxy error.

After some digging in internet I found out what’s going on between Apache and IIS. There is very informative bug report in Apache issue tracker – Bug 37770 – proxy: error reading status line from remote server (null). Comment #17 states reason of error as follows:

The problem also only occurs for us when we use an IIS backend device, with an apache its ok. From a tcpdump the only diff I can see between the two sessions is that the IIS closes the connection when the keep-alive time out is reached with a TCP RST packet, while the apache does a Fin/Ack handshake. When IIS sends this RST packet the next request to the mod_proxy device that’s hits the worker with the RST connection returns the 502 error msg.

So, there is some misunderstandings between Apache proxy stuff and IIS. Although some guys suggest to use very long timeouts and hacks to Apache source code there is very simple fix that works very well for me. Make sure you have mod_env enabled and add these lines to Apache configuration file.

SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1

After restarting Apache server the communication between Apache and IIS should work fine. After these modifications I have seen no error 502 anymore.

Liked this post? Empower your friends by sharing it!
Categories: IIS

View Comments (13)

  • This post is very timely. I just set up dev environments for me and my co-workers at my job, and this issue has been frustrating us. Many thanks.

  • Nice blog
    I am facing same problem. I have done the above mentioned changes SetEnv. But still getting the same error.I am using apache 2.2.3

  • Firstly, I would like to know the impact of 502 error. When the apache act as proxy reported 502, how the apache will assume the status of IIS servers?

    On other hand, the two setenv will fallback to httpd/1.0 without keepalive. Does it may increaes the TCP sockets needed to be opened as no more keepalive?

    This will increase the loading for the IIS server.

  • I am getting this error in two scenarious after this env setting is done,
    if the request that is made from the browser is time taking/bigger size data as a result.
    and observed if number of simultaneous requests are in the range of 5-10

    Please help me

  • Althu, this was written in 2009, but helped me last day. Was having same issue and was unable to find root couse. This helps. Thanks a lot and keep up the good things.

  • I had a similar problem and resorted to turning of HTTP keep-alive among the common response headers in IIS. Works for both IIS6 and IIS7.

  • Checked out your Gateway IP, Same problem did hurt me also on inspection i found that i did't give my Gateway IP to my LAN Card.

  • After upgrading my IIS backend from Windows 2003/IIS6 to Windows 2008/IIS7 I suddenly got 502 errors. Thanks to this post I was able to sort out the issue, thanks a lot!!!

Related Post