Load Balancer closing RPC over HTTPS Outlook connection?

[HungryHippos]

Hi all,

Been investigating a problem at work where Outlook users are being disconnected and reconnected once every minute or so when using RPC over HTTPS.

I've fired up Wireshark, and enabled Diagnostic Logging in Outlook. The Event log on the client tells me when the client is disconnected. Checking the Wireshark packet data for the target IP address of the RPC over HTTPS endpoint address, and following a stream of a disconnect TCP session I see something like this:

20:36:00 - 20:36:05 various TCP connections/handshaking going on between the client and the Server.

Then nothing on this stream until the following occurs, in this order:

20:36:48 - FIN ACK from the LB's (Load Balancers) > Client
20:36:48 - ACK from the Client > LB's
20:36:48 - FIN ACK from the Client > LB's
20:36:48 - ACK from the LB's > Client

I'm no networking guru or anything, but it looks to me like out of the blue the LB's are timing out the connection or sending a request to terminate the connection. Does this sound like what it's doing?

Sorry can't post any more detailed info really

Thanks!

 

[HungryHippos]

Well no one came back to me on this, but I was right, the LB's were timing the connections out. The setting was set to time-out after 40 seconds of inactivity, upped that to 600 seconds and all good since then.

 

[Knubje]

Hi,

We use NLB's for outlook anywhere which then forward traffic to our TMG servers.

Don't know about your NLB's but we have a "persistance profile" setup for the particular "virtual servers" on our NLB which deal with that traffic.

The parent persistance profile is for Source Address Affinity, the only setting this seems to apply is to "Map Proxies".

We then have a child persistence profile which has the above setting enabled by default and also "Mirror Persistence by Default" , "Match Across Services" and a time out specfied to 3600 (an hour).

The virtual server itself has a client profile set to "TCP" which seems standard default, but it does have the following enabled which seem relevant:

Reset On Timeout Enabled
Time Wait Recycle Enabled
Delayed Acks Enabled

Edit:-
Does seem like it was timeout value set to low, looks like you have posted and the fix was related to that!