我有一个networking服务器(运行Apache2的Amazon Linux EC2实例),我们称之为“服务器A”,在其上我使用以下方法设置了反向代理:
# (All the appropriate modules are loaded higher up in the conf file) # ... ProxyRequests off ProxyPass /booth5/ http://localhost:8005/ ProxyHTMLURLMap http://localhost:8005 /booth5 <location /booth5/> ProxyPassReverse / SetOutputFilter proxy-html ProxyHTMLURLMap / /booth5/ ProxyHTMLURLMap /booth5 /booth5 RequestHeader unset Accept-Encoding </location> 其中localhost:8005是通过ssh连接转发到位于防火墙后面的服务器的端口。
此设置运行良好,运行一段时间,但一段时间后,服务器A不会向代理服务器发送任何新的请求。
到代理服务器的服务器连接正在进行:
# netstat -napt | grep 8005 tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN 22675/sshd tcp 1 0 127.0.0.1:38860 127.0.0.1:8005 CLOSE_WAIT 28910/httpd tcp 1 0 127.0.0.1:39453 127.0.0.1:8005 CLOSE_WAIT 28548/httpd tcp 1 0 127.0.0.1:44596 127.0.0.1:8005 CLOSE_WAIT 28542/httpd tcp 1 0 127.0.0.1:38774 127.0.0.1:8005 CLOSE_WAIT 28549/httpd tcp 1 0 127.0.0.1:39997 127.0.0.1:8005 CLOSE_WAIT 29889/httpd tcp 1 0 127.0.0.1:39135 127.0.0.1:8005 CLOSE_WAIT 28544/httpd tcp 0 0 ::1:8005 :::* LISTEN 22675/sshd
我相信这是“用尽”SSH隧道上的所有渠道,我希望服务器A的行为方式,它会发送http请求到代理服务器,如有必要,但然后清除连接。
最初我怀疑这是由于代理服务器上的Apache进行持续连接,所以我更新了configuration,包括:
# Timeout: The number of seconds before receives and sends time out. # Timeout 300 Timeout 30 # KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate. KeepAlive On # MaxKeepAliveRequests: The maximum number of requests to allow # during a persistent connection. Set to 0 to allow an unlimited amount. # We recommend you leave this number high, for maximum performance. #MaxKeepAliveRequests 100 MaxKeepAliveRequests 6 # KeepAliveTimeout: Number of seconds to wait for the next request from the # same client on the same connection. KeepAliveTimeout 5
我还没有尝试设置KeepAlive Off 。 我试图从短暂的/持续的连接中获得一些好处,但是他们没有closures。
Apacheconfiguration正确的地方解决这个问题? 它是否是隧道的sshconfiguration的一部分? (如果需要,可以提供configuration)。
不幸的是,这看起来像是一个已知的Apache和mod_proxy代码的bug: https ://issues.apache.org/bugzilla/show_bug.cgi ? id = 51814
我现在已经转向了另一种解决scheme。