NSX ESG Load Balancer fails to forward responses from the backend server and returns error 502
search cancel

NSX ESG Load Balancer fails to forward responses from the backend server and returns error 502

book

Article ID: 303218

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Symptoms:

NSX ESG Load Balancer fails to forward responses from the backend server.

An error message similar to the following is observed:

2017-02-22T15:58:36+00:00 ESG-799-EXT-LB-1 loadbalancer[14599]: [default]: [local0.info] 172.16.62.5 - - [22/Feb/2017:15:58:36 +0000] "POST /PublicCaseAccess/Traffic/Search HTTP/1.1" 502 8964 "" "" 60605 585 " services-webserver~" " services-webserver

" "webp01" 5 0 0 -1 398 PHEN 0 0 0 0 0 0 0 "" ""
 
2017-02-22T16:43:52+00:00 ESG-799-EXT-LB-1 loadbalancer[14599]: [default]: [local0.info] 172.16.62.5 - - [22/Feb/2017:16:43:52 +0000] "POST /PublicCaseAccess/Traffic/Search HTTP/1.1" 502 8964 "" "" 60974 395 " services-webserver~" " services-webserver

" "webp01" 86 0 1 -1 374 PHEN 0 0 0 0 0 0 0 "" ""

Environment

NSX for vSphere 6.2.4

NSX for vSphere 6.3.x

Cause

This is a known issue with the HAProxy application used, whereby it only allows up to 101 headers in the response.

https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#tune.http.maxhdr

Resolution

NSX for vSphere 6.4.0 has exposed a REST API to edit these values and allows you to increase them.

The syntax is a follows:

PUT https://<nsx-ip>/api/4.0/edges/<edgeId>/systemcontrol/config
<systemControl>
   <property>lb.global.tune.http.maxhdr=1024</property>
</systemControl>

Return 204

GET https://<nsx-ip>/api/4.0/edges/<edgeId>/systemcontrol/config
    Status Code: 200 OK
    Cache-Control: private, no-cache
    Content-Type: application/xhtml+xml
    Date: Fri, 03 Mar 2017 15:03:58 GMT
    Expires: Thu, 01 Jan 1970 00:00:00 GMT
    Strict-Transport-Security: max-age=31536000; includeSubDomains
    Transfer-Encoding: chunked
    X-Frame-Options: SAMEORIGIN

<?xml version="1.0" encoding="UTF-8"?>
<systemControl>
   <property>lb.global.tune.http.maxhdr=1024</property>
</systemControl>

 

If an upgrade is not possible, please log a call with GSS and mention the KB article.