[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-httpd-bugs
Subject:    [Bug 62531] Intermittent failure to use ProxySourceAddreess on outbound proxied requests
From:       bugzilla () apache ! org
Date:       2024-02-05 9:15:48
Message-ID: bug-62531-7868-H4G85ZFgW3 () https ! bz ! apache ! org/bugzilla/
[Download RAW message or body]

https://bz.apache.org/bugzilla/show_bug.cgi?id=62531

--- Comment #1 from O Seibert <o.seibert@syseleven.de> ---
We have a similar use case, and ran into a different problem. I would also be
interested in a different way to reach the same goal.

We approached the routing a bit differently. Instead of marking packets with
iptables, we're simply adding a source routing rule for a particular source
address to use the internet routing table:


$ ip rule
...
32764:  from a.b.c.d/31 lookup internet

with a matching ProxySourceAddress in the configuration.

The problem we see is if the proxy wants to connect to an IPv6 address. That
cannot work with an IPv4 source address. However Apache doesn't detect this.
Even though the proxy destination has both IPv6 and v4 addresses, it seems to
try v6 first. This doesn't work because the routing doesn't work. There are
several v6 and v4 addresses; even if it tries all of them in turn, and even if
it eventually works, any client that tries to connect gives up before then.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]