Almost immediate disconnects caused by port scanning

Posted: Thu Aug 04, 2011 10:26 pm
by thealien
I am running build 384 on four different servers (two Win2003, two Win2008) in sftp mode, in different environments. Both started dropping incoming connections almost immediately after I tried to put them into a load balanced pool, but the load balancer itself isn't the issue. Either the connection doesn't quite complete, or it does and almost immediately disconnects. The client gets a generic "The server unexpectedly closed the connection." type of error in that case.

I have been able to replicate the problem by setting up a test server and having a port scanner do a tcp connect to port 22 every 2 seconds. It just connects and immediately disconnects, the same way the load balancer probes do. (I'm doing "nmap -sT -p 22 X.X.X.X" every two seconds.) If the every-two-seconds port scan is on, I have the problem. If I turn it off, I don't have the problem.

Here's an example from the logs:

[20110804 15:34:41] [(load balancer)] connecting
[20110804 15:34:41] [(sftp client)] connected
[20110804 15:34:41] [(load balancer)] disconnected ((null))
[20110804 15:34:43] [(load balancer)] connecting
[20110804 15:34:43] [(load balancer)] connected
[20110804 15:34:43] [(load balancer)] disconnected ((null))
[20110804 15:34:43] [(sftp client)] connecting
[20110804 15:34:43] [(sftp client)] connected
[20110804 15:34:44] [(sftp client)] user 'username' sent
[20110804 15:34:44] [(sftp client)] USER-PASS (username) success
[20110804 15:34:44] [(sftp client)] LIST success - /
[20110804 15:34:44] [(sftp client)] disconnected (username)
[20110804 15:34:45] [(load balancer)] connecting
[20110804 15:34:45] [(load balancer)] connected
[20110804 15:34:45] [(load balancer)] disconnected ((null))

Is there some setting I'm missing that would cause this?

Thank you.
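Added example, not part of the original post or of the server software discussed: a small parser for the log excerpt above that splits each source's events into sessions and reports the shape the thread is arguing about, sessions that close without any logon (the probe pattern), sessions that never log a close, the shortest gap between successive connects, and the peak number of simultaneously open sessions per source. On a real server the bracketed source field would be the client IP; the "(load balancer)" and "(sftp client)" labels are the poster's placeholders and the sample log is the excerpt copied verbatim. Everything else (function names, the "probe_like" classification) is this example's own assumption.

```python
import re
from collections import defaultdict
from datetime import datetime

# Log line shape taken from the excerpt: "[YYYYMMDD HH:MM:SS] [(source)] event".
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{8} \d{2}:\d{2}:\d{2})\] \[\((?P<src>[^)]*)\)\] (?P<event>.*)$"
)

# Constructed sample: the poster's log excerpt, copied verbatim.
SAMPLE_LOG = """\
[20110804 15:34:41] [(load balancer)] connecting
[20110804 15:34:41] [(sftp client)] connected
[20110804 15:34:41] [(load balancer)] disconnected ((null))
[20110804 15:34:43] [(load balancer)] connecting
[20110804 15:34:43] [(load balancer)] connected
[20110804 15:34:43] [(load balancer)] disconnected ((null))
[20110804 15:34:43] [(sftp client)] connecting
[20110804 15:34:43] [(sftp client)] connected
[20110804 15:34:44] [(sftp client)] user 'username' sent
[20110804 15:34:44] [(sftp client)] USER-PASS (username) success
[20110804 15:34:44] [(sftp client)] LIST success - /
[20110804 15:34:44] [(sftp client)] disconnected (username)
[20110804 15:34:45] [(load balancer)] connecting
[20110804 15:34:45] [(load balancer)] connected
[20110804 15:34:45] [(load balancer)] disconnected ((null))
"""


def parse(text):
    """Yield (timestamp, source, event) for each well-formed line; skip anything else."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield datetime.strptime(m["ts"], "%Y%m%d %H:%M:%S"), m["src"], m["event"]


def sessions_by_source(text):
    """Group each source's events into sessions.

    A session starts on 'connecting' (or on a 'connected' with no open session, as the
    sftp client's first line shows) and ends on 'disconnected'. A new 'connecting'
    while one is still open closes the earlier one with end=None ("unterminated").
    """
    open_sess = {}
    done = defaultdict(list)
    for ts, src, event in parse(text):
        starts = event == "connecting" or (event == "connected" and src not in open_sess)
        if starts:
            if src in open_sess:
                done[src].append(open_sess.pop(src))
            open_sess[src] = {"start": ts, "end": None, "authenticated": False}
        elif src in open_sess:
            s = open_sess[src]
            if "USER-PASS" in event and event.endswith("success"):
                s["authenticated"] = True
            elif event.startswith("disconnected"):
                s["end"] = ts
                done[src].append(open_sess.pop(src))
    for src, s in open_sess.items():
        done[src].append(s)
    return dict(done)


def summarize(text):
    """Per source: counts of sessions by outcome, shortest start-to-start gap in seconds,
    and the peak number of sessions open at once (the figure a per-IP connection
    limit would actually be comparing against)."""
    out = {}
    for src, sess in sessions_by_source(text).items():
        starts = sorted(s["start"] for s in sess)
        gaps = [(b - a).total_seconds() for a, b in zip(starts, starts[1:])]
        # Concurrency can only rise at a session start, so sampling those instants
        # is enough. With second-granularity timestamps a session is treated as
        # still open during the second it closed in (conservative choice).
        peak = max(
            sum(1 for s in sess if s["start"] <= t and (s["end"] is None or s["end"] >= t))
            for t in starts
        )
        out[src] = {
            "sessions": len(sess),
            "authenticated": sum(s["authenticated"] for s in sess),
            # Closed without ever logging on: the load-balancer / nmap -sT shape.
            "probe_like": sum(1 for s in sess if not s["authenticated"] and s["end"] is not None),
            "unterminated": sum(1 for s in sess if s["end"] is None),
            "min_gap_s": min(gaps) if gaps else None,
            "peak_concurrent": peak,
        }
    return out


if __name__ == "__main__":
    for src, stats in summarize(SAMPLE_LOG).items():
        print(f"{src}: {stats}")
```

Run against the excerpt, the load balancer shows three probe-like sessions two seconds apart with a peak of one open session, so a concurrent-connection limit of 3 is not what those probes would exceed; the sftp client shows one session that authenticated and listed "/" and one earlier session that never logged a close, which is the one worth chasing in a fuller log. On a real server, swap in the IP-keyed log lines and look for the same two signatures: short unauthenticated sessions at a fixed cadence, and sessions with no matching disconnect.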

Posted: Fri Aug 05, 2011 6:34 pm
by ForumAdmin
For your test, you'll need to increase the "max conns per IP" setting in your domain setup. It will auto-ban connections from an IP if it exceeds the default number (3).

It's not recommended you go above this for a production server.

Posted: Fri Aug 05, 2011 6:52 pm
by thealien
The client getting disconnected and the probe from the load balancer (or the random other server I launched the port scan from) are different IPs.

The max conns per ip is already at 200.

Posted: Thu Aug 11, 2011 2:04 pm
by ForumAdmin
What's the nmap -sT command actually doing? If you do not log on or fail the logon, it will also auto-ban the IP after a few tries.

Posted: Thu Aug 11, 2011 4:58 pm
by thealien
It just opens the tcp connection as minimally as possible and then immediately disconnects. Not what I would have chosen to use for a load balancer test, but I don't control that aspect of the environment.

The load balancer is just using a tcp connect, I used that configuration of nmap every two seconds to mimic it for testing.