On Fri, 13 May 2011 16:40:04 -0400, CDMB wrote
> We have this configure to do do rpc over https for exchange 2010.
> However, every few seconds it seconds disconnected and then restored.

For RPC you'll need a client and a server side timeout of at least 60 seconds.
For the client timeout, please add "Client 60" to your config. 

> ListenHTTPS
>     Address 0.0.0.0
> AddHeader "Front-End-Https: on"
>     Port    443
>     Cert    "/etc/pound/CERT.KEY"
>     Ciphers
"ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
>     MaxRequest 1073741824
>     xHTTP   4
>     Service "exchange"
>         URL
"^/exchange|^/exchweb|^/owa|^/ecp|^/Microsoft-Server-ActiveSync|^/oma|^/"
>         HeadRequire "Host: mail.qadomain1.com"
>         BackEnd
>             Address mail.qadomain1.com
>                 Port 443
>                 HTTPS
>         End
>     End
>     Service "rpc"
>         URL "^/rpc/rpcproxy\.dll\?"
>         HeadRequire "Host: mail.qadomain1.com"
>         BackEnd
>            Address mail.qadomain1.com
>                 Port 443
>                 TimeOut 300
>         HTTPS
>        End
>     End
> End

Though you have configured a server side timeout with "TimeOut 300", it
doesn't apply. Service "exchange" is evaluated first and due to the URL
statement including "^/" it matches any request. Swap the order of the two
Service sections and you should be fine.

Regards,
Frank

poundctl, is part of pound

Regards

2011/5/18 hesam mohamadian <hesam.mohamadian(at)gmail.com>

> hello , i want to know that , can i monitor pound activity like how many
> clients redirect to each backend server or which backend server is ciritical
> ,  or off or track that which client redirect to which backend server via
> pond , I need some program like Haproxy monitoring
> with a best wishes , Hesam
>



-- 
Load balancer distribution - Open Source Project
http://zenloadbalancer.sourceforge.net
Distribution list (subscribe): zenloadbalancer-support(at)lists.sourceforge.net

I am still receiving the spontaneous disconnects.  My config looks like:

## Minimal sample pound.cfg
##
## see pound(8) for details


######################################################################
## global options:

User		"www-data"
Group		"www-data"
#RootJail	"/usr/share/pound"
#Control "/var/run/pound/ctl_socket"
LogLevel 5
Grace 3
TimeOut 3600

## Logging: (goes to syslog by default)
##	0	no logging
##	1	normal
##	2	extended
##	3	Apache-style (common log format)
LogLevel	1

## check backend every X secs:
#Alive		30

## use hardware-accelleration card supported by openssl(1):
#SSLEngine	"<hw>"

# poundctl control socket
Control "/var/run/pound/poundctl.socket"

ListenHTTP
    Address 0.0.0.0
    Port 80
    Service "sslredir"
        HeadRequire "Host: mail.qadomain1.com"
        Redirect "https://mail.qadomain1.com/owa"
    End
    xHTTP 4
End

ListenHTTPS
    Address 0.0.0.0
    Port    443
    Cert    "/etc/pound/CERT.KEY"
    Ciphers "ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
    MaxRequest 1073741824
    xHTTP   4
    Service "rpc"
        URL "^/rpc/rpcproxy\.dll\?"
        HeadRequire "Host: mail.qadomain1.com"
        BackEnd
            Address mail.qadomain1.com
		Port 443
		TimeOut 300
	HTTPS
       End
    End
    Service "exchange"
        URL
"^/exchange|^/exchweb|^/owa|^/ecp|^/Microsoft-Server-ActiveSync|^/om
a|^/"
        #HeadRequire "Host: mail.qadomain1.com"
        BackEnd
            Address mail.qadomain1.com
		Port 443
		
		HTTPS
        End
    End
End
rproxy-01:/


On May 16, 2011, at 6:03 AM, Frank Schmirler wrote:

On Fri, 13 May 2011 16:40:04 -0400, CDMB wrote
> We have this configure to do do rpc over https for exchange 2010.
> However, every few seconds it seconds disconnected and then restored.

For RPC you'll need a client and a server side timeout of at least 60 seconds.
For the client timeout, please add "Client 60" to your config. 

> ListenHTTPS
>    Address 0.0.0.0
> AddHeader "Front-End-Https: on"
>    Port    443
>    Cert    "/etc/pound/CERT.KEY"
>    Ciphers "ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
>    MaxRequest 1073741824
>    xHTTP   4
>    Service "exchange"
>        URL
"^/exchange|^/exchweb|^/owa|^/ecp|^/Microsoft-Server-ActiveSync|^/oma|^/"
>        HeadRequire "Host: mail.qadomain1.com"
>        BackEnd
>            Address mail.qadomain1.com
>                Port 443
>                HTTPS
>        End
>    End
>    Service "rpc"
>        URL "^/rpc/rpcproxy\.dll\?"
>        HeadRequire "Host: mail.qadomain1.com"
>        BackEnd
>           Address mail.qadomain1.com
>                Port 443
>                TimeOut 300
>        HTTPS
>       End
>    End
> End

Though you have configured a server side timeout with "TimeOut 300", it
doesn't apply. Service "exchange" is evaluated first and due to the URL
statement including "^/" it matches any request. Swap the order of the two
Service sections and you should be fine.

Regards,
Frank

--
To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
Please contact roseg(at)apsis.ch for questions.

On Wed, 25 May 2011 06:01:40 -0400, Collin Boyce wrote
> I am still receiving the spontaneous disconnects.  My config looks like:

Your config is missing the client timeout:

> > For the client timeout, please add "Client 60" to your config.

Cheers,
Frank

That worked.  It doesn't seem to disconnect anymore. However, the connection
time is extremely slow.  It takes 2 minutes to get a login prompt.
On May 25, 2011, at 6:52 AM, Frank Schmirler wrote:

On Wed, 25 May 2011 06:01:40 -0400, Collin Boyce wrote
> I am still receiving the spontaneous disconnects.  My config looks like:

Your config is missing the client timeout:

>> For the client timeout, please add "Client 60" to your config.

Cheers,
Frank

--
To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
Please contact roseg(at)apsis.ch for questions.