We have IIS servers in Azure behind load balancer. Load balancer has unconfigurable timeout of 4 minutes after which inactive connection is killed.
We're trying to setup nginx as a reverse proxy to the IIS cluster described above. Everything works fine except nginx doesn't send keep alive messages to the server it opened connection to. So, if server takes more than 4 minutes to reply the connection is killed by the load balancer.
If a client (browser) connects to the load balancer directly, it sends TCP keep alive messages and all is good. If client connects to nginx, it sends keep alive to nginx and all is good with connection to nginx. But no keep alive messages between nginx and load balancer, so eventually connection dies.
so_keepalive option seems to be related to the TCP keep alive for connections opened to nginx from client (browser).
We tried other reverse proxies (IIS ARR proxy, haproxy) and always ran into the same issue.
We can't configure load balancer (outside of our control). How could we configure either linux with nginx, nginx, or IIS behind load balancer (to which nginx connects) to get them to send keep alive messages to keep connection open?
Best Answer
Both in Linux and Windows the program which opens connection must set keep alive option on the socket for keep alive packets to be sent.
We just updated nginx code to enable keep alive for all opened sockets. File to update:
src/event/ngx_event_connect.cCode to enable keep alive (tested only on Linux):
Put it in
ngx_event_connect_peerright after socket is created and connection is retrieved (ngx_get_connection).You will then need to also decrease keep alive time (from default 2 hours) and maybe keep alive interval. See http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/ for more details.