Invalid session with Apache proxy

We are trying to configure Apache as a transparent proxy for the CWMP process, but our encountering “Invalid session” issues. Our Apache config looks like this:

<VirtualHost public_ip:7548>
  ServerName acs.domain.net:7548
  ProxyPass / http://127.0.0.1:7547/
  ProxyPassReverse / http://127.0.0.1:7547/
  SSLEngine on
  SSLCertificateFile "/etc/ssl/certs/domain_net.crt"
  SSLCertificateKeyFile "/etc/ssl/certs/domain_net.key"
</VirtualHost>

Before we put the transparent proxy in place, we had zero “Invalid session” errors. After, we had over 50k before we pulled the plug and reverted.

#Before:
$ zgrep "Invalid session" /var/log/genieacs/genieacs-cwmp.log-20200429.gz | wc -l
0

#After:
$ grep "Invalid session" /var/log/genieacs/genieacs-cwmp.log | wc -l
54134

Here is our Apache info:
Server version: Apache/2.4.39 (Unix)
Server built: Apr 6 2019 14:30:06

This happens when the proxy shares the same upstream TCP connection for multiple TR-069 sessions. Genie caches data for an active session in memory (tied to the connection) so you need to configure the proxy such that TCP connections are never reused. I don’t remember how I used to do that Apache. Try the opitons ‘disablereuse’ or ‘stickysession’.

Thank you for your help! The solution was:

ProxyPass / http://127.0.0.1:7547/ disablereuse=On

1 Like