VMware NSX Edge load balancer stops forwarding traffic through virtual machines configured to insert X-Forwarded-For HTTP header after upgrading to VMware NSX for vSphere 6.1.2
search cancel

VMware NSX Edge load balancer stops forwarding traffic through virtual machines configured to insert X-Forwarded-For HTTP header after upgrading to VMware NSX for vSphere 6.1.2

book

Article ID: 336546

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Symptoms:
  • VMware NSX Edge load balancer stops forwarding traffic after upgrading an NSX Edge load balancer from NSX for vSphere 6.1.x to 6.1.2
  • Traffic fails to pass through the virtual machines enabled with HTTP L7 header inspection and SSL offload after upgrading an NSX Edge load balancer from NSX for vSphere 6.1.x to 6.1.2


Environment

VMware NSX for vSphere 6.1.x

Cause

This issue occurs when a virtual machine is configured with X-Forwarded-For (XFF), a Connection:close is also added to the http header automatically by the load balancer to indicate that the backend server terminates the connection after sending a response. Some applications that are using websocket fails because the connection is terminated.

Resolution

This is a known issue affecting NSX for vSphere 6.1.2, 6.1.3 and 6.1.4.

Currently, there is no resolution.

To work around the issue, add an application rule no option httpclose and attach to the virtual machine. This overwrites the default configuration. The Connection:close is no longer added to the http header.


Additional Information

To be alerted when this document is updated, click the Subscribe to Article link in the Actions box.

Powered by Wolken Software