"502 bad gateway" response with L7 transparent mode
search cancel

"502 bad gateway" response with L7 transparent mode

book

Article ID: 336810

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Symptoms:
1. Client receive 502 bad gateway response
2. Under edge syslog we see "99: Cannot assign requested address" errors

Environment

VMware NSX-T Data Center 2.x
VMware NSX-T Data Center

Cause

This is a timing issue.

With only "l7 transparent mode", LB will use same client IP and port to connect to selected backend server for each http request comes from that client connection. There's a chance that, 2 http requests from same connection are allocated with same backend server, which triggers connections to that server with same IP and port. If the previous connection exists or doesn't quit completely, 99 error is reported with "cannot assign the address" then 502 response is replied.

Resolution

Fixed in NSX-T 3.1.1 and later

Workaround:
1. Enable SNAT by configuring “SNAT Translation Mode” to “Automap” or “IP Pool” based on the requirement.
2. User x-forwarded-for if client IP needs to be visible to backend devices.