AspNetCore.Docs icon indicating copy to clipboard operation
AspNetCore.Docs copied to clipboard
verified publisher icon dotnet

SignalR Upgrade to Redis Backplane fails with Send Loop Error

Open joshbartley opened this issue 1 year ago • 4 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Describe the bug

.net 8.0 SignalR application hosted on IIS, behind HAProxy with the JS client set to websockets.

Without AddStackExchangeRedis(, connection succeeds and client is able to post a quick message through SignalR to the server.

Adding AddStackExchangeRedis(, with a connection string and detailed logging. Logs show "Redis Connected"

Below are the errors from clients attempting to connect. chrome_EgoMFZGLd3

Chrome returns a 1011 Error from the socket.

Tests I've tried to isolate this more.

Removed Redis Sentinel and set to a single Redis Server. Same Error as above. Removed Redis and restarted the iis app and pool, connection succeeds. Granted Redis user full Redis access. ACL SETUSER ********* +@all

This could 100% be a me issue, I'm just struggling to find out where the error is after spending a day on this and stuck in the overall try/catch loop in the redis code not knowing what could cause this. Any help would be appreciated in tracking down this error.

Expected Behavior

No response

Steps To Reproduce

No response

Exceptions (if any)

No response

.NET Version

8.0.0

Anything else?

No response

joshbartley avatar Jan 04 '24 22:01 joshbartley

I tried the default user as a test and found that it worked.

I previously had ~* resetchannels -@all +@pubsub +@read +echo +info +subscribe +cluster +role +set +get +ping

As the permissions and it seems that if you do not have permission to a command using the backplane it eats that error and throws an unhandled error in the connect which throws the cryptic "Send Loop Error".

Now the question is, what is the minimum required permissions for this backplane so that an be added to the docs.

joshbartley avatar Jan 04 '24 23:01 joshbartley

I wasn't aware of Redis ACL and don't know how to test it. But I assume you'll need at least &* +@pubsub

BrennanConroy avatar Jan 05 '24 22:01 BrennanConroy

Looked into this a bit and it looks like the minimum needed is: -@all +echo allkeys +@pubsub +ping and optional +get if you want tiebreaker support as well as not seeing a "NOPERM" debug log. Additional info at https://stackexchange.github.io/StackExchange.Redis/Configuration.html#redis-server-permissions and https://redis.io/docs/management/security/acl/

BrennanConroy avatar Jan 25 '24 23:01 BrennanConroy

On our Redis doc here: https://learn.microsoft.com/en-us/aspnet/core/signalr/redis-backplane?view=aspnetcore-8.0

I can point to https://stackexchange.github.io/StackExchange.Redis/Configuration.html#redis-server-permissions as a resource since the details are there.

wadepickett avatar Apr 08 '24 20:04 wadepickett