httpd-users mailing list archives

From "Slawomir R. Janotta" <>
Subject [users@httpd] Problem with DNS lookup caching in reverse proxy
Date Fri, 26 Nov 2010 10:11:30 GMT
Hi everybody,
I am facing a problem which I cannot solve in a satisfying way and after
searching the known resources for a while I wonder if anyone has ever
solved a similar one.

Let me first describe the situation I have here.

I am using a reverse proxy installation to access a backend server
transparently. However, there are in fact two backend machines instead of
one and they are configured in a cold stand-by way meaning only one is
ever running.

Additionally there is a special dns-resolver which supplies the ip address
of only one of the backend machines depending on which one is running at
the moment during DNS name resolving. This works perfectly as I can check
each time after the switch-over with a simple nslookup command.

The definition of the reverse proxy clause is like this:

    SSLEngine ON
    SSLProxyEngine ON
    ProxyPass /
    ProxyPassReverse /

Where is the address of the reverse proxy machine and the
fully qualified name of is the logical name of the
service which the dns-resolver resolves to either one of the backend
servers depending on their run status.

When I access the backend service over the reverse proxy the Apache server
running as the reverse proxy caches the IP address of the then running
backend server. Now if I switch the servers, shutting one down and
bringing the other up and updating the dns-resolver, I can see that the
dns-resolving mechanism works but the reverse proxy still uses the cached
IP address of the now defunct backend server.

I have tried to tackle the problem by supplying some parameters to the
ProxyPass clause.

While setting the option disablereuse=On helps to avoid the caching
problem, this is not really an option because it massively degrades the
performance during peak times.

Thus I tried the expiry option by setting smax=0 ttl=30.
I would have expected that this would expire all connections after they
were idle for 30 seconds which would be fine. But this seems not to work.

I have found a corresponding Bug #43371 where the possibility to set smax
to zero was enabled by a patch in the first place. I have analysed the
solution and have found no error with this patch. Nevertheless I think
there still might be a problem with this since some of the requests (but
not all!) are still using the "old" IP address.

Has anyone of you ever had a similar problem of cached DNS-resolved IP
addresses? Have you found any satisfactory solution? Any additional clues
for me? Any help would be greatly welcome.


The official User-To-User support forum of the Apache HTTP Server Project.
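
An added example, not part of the original message and not Apache's code: a simplified model of a pooled proxy worker, showing that expiring idle connections only picks up a changed backend address if the hostname is resolved again when a new connection is opened. The class names, the `cache_address` switch, the host name `backend.example` and the 192.0.2.x addresses are constructed assumptions.

```python
class FailoverResolver:
    """Constructed stand-in for the resolver that returns the active backend."""
    def __init__(self, active):
        self.active = active

    def resolve(self, name):
        return self.active


class Worker:
    """Simplified pooled proxy worker (a model, not mod_proxy's implementation)."""
    def __init__(self, name, resolver, ttl, cache_address):
        self.name, self.resolver, self.ttl = name, resolver, ttl
        self.cache_address = cache_address  # hypothetical switch for this model
        self.cached_addr = None
        self.idle = []                      # (address, last_used) pairs

    def _address(self):
        # Either resolve once per worker lifetime, or on every new connection.
        if not self.cache_address:
            return self.resolver.resolve(self.name)
        if self.cached_addr is None:
            self.cached_addr = self.resolver.resolve(self.name)
        return self.cached_addr

    def request(self, now):
        # Expire connections idle longer than ttl, then reuse one or open a new one.
        self.idle = [(a, t) for a, t in self.idle if now - t <= self.ttl]
        addr = self.idle.pop()[0] if self.idle else self._address()
        self.idle.append((addr, now))
        return addr


def simulate(cache_address):
    """Return the backend address used at t=0, t=10 and t=100 (switch-over at t=5)."""
    resolver = FailoverResolver("192.0.2.10")      # constructed address
    worker = Worker("backend.example", resolver, ttl=30, cache_address=cache_address)
    used = [worker.request(0)]
    resolver.active = "192.0.2.20"                 # switch-over to the standby
    used += [worker.request(10), worker.request(100)]
    return used


if __name__ == "__main__":
    print("address cached per worker:", simulate(True))
    print("resolved per connection:  ", simulate(False))
```

In both runs the request at t=10 still reuses the pooled connection to the old address; the runs differ only once that connection has expired.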