A couple of CSMs in a campus manage costumer's WAP browsing service. A VIP virtualizes WAP1 and WAP2 service on different tcp, udp port and CSM balances it to WAP gateway proxies.
WAP gateway's proxies initiate new connection to internet passing through CSM.
HTTP sessions are intercepted and balanced to transparent proxies to provide enrichment.
NAT is implemented for all traffic that goes out to CSM.
Other flows are managed by this CSM but they aren't involved in the reset issues.
Costumer sets up connection with his WAP gateway. WAP gateway initiates connection to internet properly and flow is properly balanced to transparent proxies.
Transparent proxy also initiates new connection to internet.
Sometime CSM sends RST to transparent proxies and they send to all other elements a 502 bad gateway error.
RST packet is sent in two different cases.
1. RST after a few SYN packets, 30 second between first and last SYN.
2. RST immediately after the first SYN packet from transparent proxies.
I putted a test WEB server on the Client VLAN of CSM to leave out other network elements or internet problems
The second issue probably is a sell-out of some resources. Looking âLB Rjct: no cl NAT portâ counter on CSM's tech-support it increases. Probably one IP of NAT isn't enough anymore.
No ideas for the first issue.
Do you have any idea?
Thanks in advance.