• When accessing pool members (applications) through NSX-T LB, a similar issue can be seen on the browser:
  Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The status code returned from the server was: 400
  
• The LB logs show the following error trace:
  • ####-##-##T##:##:##Z lb ##### access [INFO] [#######-####-####-####-#########][##########-####-####-####-##########] Operation.Category: 'LbAccessLog', Operation.Type: 'Http', Lb.UUID: '#######-####-####-####-#########', Lb.Name: '##-######-####', Vs.UUID: '#######-####-####-####-#########', Vs.Name: '####-#####-####-###_###', Vs.Ip: '##.###.###.##', Vs.Port: '###', Pool.UUID: '########-####-####-####-########', Pool.Name: '####-#####-#####-######', PoolMember.Ip: '##.###.###.##', PoolMember.Port: '####', Client.Ip: '##.###.###.##', Client.Port: '####', Snat.Ip: '##.###.###.##', Snat.Port: '#####', HttpRequest.Method: 'POST', HttpRequest.UserAgent: 'Mozilla/5.0 (Windows NT ##.#; Win64; x64) AppleWebKit/###.## (KHTML, like Gecko) Chrome/###.#.#.# Safari/###.##', HttpRequest.X-Fwd-For: '-', HttpRequest.Uri: '/##########/#########/#####-######-#######-#######', HttpRequest.Host: '###################################', HttpResponse.Status: '401', HttpResponse.StatusCategory: '4##', HttpResponse.Size: '0', HttpResponse.ServerTime: '#.###', HttpResponse.TotalTime: '#.###', Error.Reason: 'Pool member returned 401' 
####/##/## ##:##:## [debug] ####y#: ####### cookie sticky sid [ ##.###.###.##/####]
####/##/## ##:##:##  [debug] ####y#: ####### connect to  ##.###.###.##/####, fd:### y##############
####/##/## ##:##:##  [debug] ####y#: lb create conn - (#)  ##.###.###.##/##### ->  ##.###.###.##/####, flag ####, state: valid, cid ###############, pcid ############
####/##/## ##:##:## [debug] ####y#: lb delete conn - (#)  ##.###.###.##/##### -> ##.###.###.##/####, flag ####, state: invalid, cid ##############, pcid ################

Note: Debug mode must be enabled on the LB to see the above backtrace.

 NSX-T Data Center 3.x

This scenario involves two critical factors:

1. Large POST Request: The HTTP POST request contains a large payload that cannot be sent in a single transmission.
2. Early Response: The backend server responds before receiving the complete request body.

Due to these factors, Nginx terminates the HTTP session upon receiving the early response instead of continuing to send the incomplete request body. At a higher application level, multiple HTTP sessions may constitute a single logical session. Consequently, when the subsequent message is received, it is rejected with a 400 error. This happens because the application identifies the message as invalid, having missed part of the data from the incomplete request.

This issue is resolved in VMware NSX 4.2.0, available at Broadcom downloads.

If you are having difficulty finding and downloading software, please review the Download Broadcom products and software KB.

If you believe you have encountered this issue, please open a support case with Broadcom Support and refer to this KB article.

For more information, see Creating and managing Broadcom support cases.