528 Transport Errors
Fluxzy uses HTTP 528 status code to report transport errors to client. Transport errors is anything that can happen making impossible to start or to complete an HTTP request.
This could be:
- A DNS resolution error
- A TLS handshake error
- An explicit TCP RESET from the remote either during an active connection or during the TCP handshake
- A timeout, usually no response from the remote
- A protocol violation from the remote
- ....
Instead of resetting the connection to the client, Fluxzy will send a response with a 528 status code with a response body containing a summarized diagnosis of the error.
Here is an example of a response page sent by fluxzy during such error:
Common error messages
Here are the most common transport errors:
The connection was reset by remote peer
This error happens when the remote peer reset the connection. This can happen during the TCP handshake or amid an active connection. This usually means that there's no direct network connection issue, instead the remote has requested an immediate TCP termination.
The remote peer could not be contacted within the configured timeout
This error happens when the remote peer does not respond within the configured timeout. There may several reasons for this:
- The remote peer is not reachable (e.no route to host)
- The remote peer is reachable but does not respond (e.g a firewall is blocking the request, the remote ignores non-bounded port, ..)
- The remote peer is reachable but the response is lost on the way back (e.g: routing issue,)
- The remote peer is reachable but the response is too slow to arrive within the configured timeout (e.g: slow network, ..)
Failed to solve DNS for hostname
This error happens when the DNS resolution for the remote hostname fails. This can happen for several reasons:
- The hostname is not resolvable (e.g: the hostname does not exist, the DNS server is not reachable, ..)
- The hostname is resolvable but the DNS server does not respond within the configured timeout (network error)
- The hostname is resolvable but the DNS server responds with an error (e.g: NXDOMAIN, SERVFAIL, ..)
- The hostname is resolvable but the DNS server responds with an invalid response (e.g: malformed response, ..)
- The hostname is resolvable but the DNS server responds with a response that does not contain any IP address (e.g: CNAME, ..)
Use 502 instead of 528
Normally, an intermediary should send a 502 Bad Gateway status code to report a transport error.
However, in order to distinguish easily between the debugger (fluxzy) and an actual reverse proxy error, we choose to use the 528 status code.
You can disable this behavior :
- For Fluxzy CLI, by setting the option
--use-502
when starting the capture session (start
command) - For Fluxzy Desktop, by updating the corresponding settings in Setting -> Proxy settings
- For Fluxzy Core, by setting the static property
FluxzySharedSetting.Use528 = false
More diagnosis
If you wish to have further diagnosis, you can enable dumping stack trace by setting the environment variable EnableDumpStackTraceOn502
to TRUE