I have a simple health check system that sends a simple HTTP GET request to an internal URL, which is an MVC web app that requires authentication. For example, if you send a GET request to https://{{IPAddress}}/MyMvcApp, the app would redirect you to https://{{LB Host}}/MyMvcAppAuth.
```csharp
using System;
using System.Net;
using System.Net.Security;

private static void UsingHttpGetRequest(string uri, Action<HttpWebResponse> action)
{
    // Process-wide setting: only TLS 1.2 is offered for outgoing connections.
    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
    request.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;
    // Process-wide setting: accepts any server certificate, so certificate
    // validation is disabled for every HTTPS request made by this process.
    ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback
    (
        delegate { return true; }
    );
    Log("Sending the HTTP Get request...");
    using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
    {
        Log($"Got a response! Status: {response.StatusCode}");
        action(response);
    }
}
```
I have two servers in my farm. When this code runs on one of the servers, it works fine, but the other one has this problem:
```
Exception: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
```
- I have compared IIS configuration settings between the servers and found no significant difference.
- I have compared the registry keys and discovered that both servers don't have the registry key "SchUseStrongCrypto", but TLS 1.2 is definitely enabled on both servers.
- Verified that both have .NET v4.0.30319 installed.
The more I think about this, the more I reach the conclusion that the F5 load balancer is rejecting the 302 redirect from a request that originated on one of the servers in the farm. What do you guys think? Potential firewall/misconfiguration issue on the load balancer that rejects these requests?
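An added example, not part of the original post: the same health-check request with certificate validation scoped to the one request instead of disabled for the whole process. It assumes .NET Framework 4.5 or later (for `HttpWebRequest.ServerCertificateValidationCallback`); the `HealthCheck` class name, the `ValidateServerCertificate` helper and the thumbprint placeholder are hypothetical.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static class HealthCheck
{
    // Placeholder (assumption): SHA-1 thumbprint of the certificate the
    // health-check target is expected to present.
    const string ExpectedThumbprint = "<EXPECTED-CERT-THUMBPRINT>";

    // Accept a certificate that validates cleanly. Otherwise accept only the
    // pinned certificate, and only when the sole error is the name mismatch
    // that comes from addressing the server by IP instead of host name.
    static bool ValidateServerCertificate(object sender, X509Certificate cert,
                                          X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None) return true;
        if (errors != SslPolicyErrors.RemoteCertificateNameMismatch || cert == null) return false;
        return string.Equals(cert.GetCertHashString(), ExpectedThumbprint,
                             StringComparison.OrdinalIgnoreCase);
    }

    public static void UsingHttpGetRequest(string uri, Action<HttpWebResponse> action)
    {
        // Same protocol setting as the post's code.
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri);
        request.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;

        // Per-request callback: other HTTPS calls in the process keep the
        // default certificate validation.
        request.ServerCertificateValidationCallback = ValidateServerCertificate;

        Console.WriteLine("Sending the HTTP GET request...");
        using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
        {
            Console.WriteLine("Got a response! Status: " + response.StatusCode);
            action(response);
        }
    }
}
```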