Problem

Sometimes the following warning is observed in the Server Log:

There is no available DMZEdge for this zone

The most common reason for this message is when all Edge servers in the given Zone were blacklisted by the Backend. Edges get blacklisted if the Backend was not able to reach them, which is usually caused by a network/routing issue between the Backends and the Edge hosts, although the causes may vary widely.

Resolution

When the server parameter Proxy.Blacklisting.Enabled is set to true, it enables the blacklisting mechanisms and in case the Backend identifies an issue with the communication with the Edge it will blacklist it and retry the connection via any other Edge proxy in the Zone (if available). The duration for which the Edge wlll stay blacklisted is defined with the Denied.Proxy.Timeout parameter.

If the parameter Proxy.Blacklisting.Enabled is set to false then the Backend will try to use the same Edge proxy even after a failure.

This was initially thought of as a defense mechanism to prevent potential blacklisting of the Edge(s) on the remote end.

The blacklisting mechanism takes into account the following parameters (shown are the default values):

This would translate into – if the Edge failed 3 times (Proxy.Max.Failure.Series) within 3 minutes (Failed.Proxy.Timeout) the Backend will put it in a denied state for 10 minutes (Denied.Proxy.Timeout).

To remediate the error there are a few things that could be tried out on ST side:

Set the parameter Proxy.Blacklisting.Enabled to false under the Admin UI → Operation → Server Configuration page. This will disable the blacklisting logic and the Backend will try to use the same proxy even after failure. Changing the value requires TM restart.

Set the parameter Direct.Connection.When.Proxy.Down to true under the Admin UI → Operation → Server Configuration page. This will make the Transaction Manager attempt a direct connection from the Backend when all Edge proxies in the Zone are down. Changing the value requires TM restart.

Verify that the Socks service on the Edge server is running. A restart might be needed if the service is not running.

Verify that the Enable Proxy and SOCKS5 options are enabled in the Zone's configuration (Admin UI → Setup → Network Zone → select the Edge network zone → Select the Edge node from the list).

If the server parameter Dmz.Edge.proxyDnsResolutionCheck is set to true, verify that the Use the Edge DNS configuration is enabled in the Zone's configuration. When it is enabled, DNS resolution of hostnames will be performed by the Edge before a Server Initiated Transfer is executed by the Backend.

Increase the Denied.Proxy.Timeout, Failed.Proxy.Timeout and Proxy.Max.Failure.Series server parameters.