Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

HTTP 204 No Content response causing network slowdown in InterScan Web Security Virtual Appliance (IWSVA) 6.5 Service Pack 2

    • Updated:
    • 15 Nov 2018
    • Product/Version:
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

Unnecessary connections remain open for 5 minutes because of the keepalive_timeout, causing a decrease in available concurrent connections in IWSVA.

In HTTP/1.1 Keep-Alive connection, even if IWSVA returns a "HTTP 204 - No Content" response to the downstream proxy, there is no next request sent from the downstream proxy for the same connection.

In this case, IWSVA keeps a connection open until the time specified by the keepalive_timeout_interval and then closes it. The keepalive_timeout_interval was increased from 10 to 300 seconds in IWSVA 6.5, compared to IWSVA 5.6.

As a result, these remaining connections cause a network slowdown with an increasing amount of connections (up to the maximum) on the downstream proxy.

Details
Public

The response "HTTP 204 - No Content" is due to a process on the downstream proxy, however shortening the keepalive_timeout_interval will help decrease the connection time.

  1. Do a backup of IWSSPIProtocolHttpProxy.pni:

    # cp -ip /etc/iscan/IWSSPIProtocolHttpProxy.pni /etc/iscan/IWSSPIProtocolHttpProxy.pni.bak

  2. Edit IWSSPIProtocolHttpProxy.pni

    # vi /etc/iscan/IWSSPIProtocolHttpProxy.pni

  3. Change the keepalive_timeout_interval to a value you like.
  4. Save IWSSPIProtocolHttpProxy.pni
  5. Stop and start the HTTP daemon:

    # /etc/iscan/S99ISproxy stop
    # /etc/iscan/S99ISproxy start

Note:
  • Appropriate timeouts depends on each system. Configure the keepalive_timeout_interval value after checking the timeout value of the downstream proxy.

  • Other proxy products have 30 seconds timeout value by default. If you are not sure of the timeout value of the downstream proxy, TrendMicro strongly recommends setting it to 30 seconds first.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1121140
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.