Reports of bad headers using TUN?
Nigel Hamilton
nigel at turbo10.com
Tue Jan 2 18:02:12 GMT 2007
> Hi Nigel,
>
>> How big is the size of his POST - does it exceed one packet?
>
> How can I find out?
>
You could use ethereal to watch the incoming packets and see if
they fragment but it's probably easier for you and him if he can send to
you what he is POSTing and then you try and replicate it.
>> This fragmenting may explain why when he goes "direct" to the real
>> server there is no problem.
>
> But wouldn't others have a similar experience? Namely myself and the
> other technicians here?
>
I think from the discussion on the HowTo this is linked to the
"MSS" setting and the nuances of the client's network.
> Or could it be this in conjunction with his router/firewall setup?
>
This is something to check too.
The first step to solving the problem is reliably replicating it -
so finding out what he's POSTing is a good start - hopefully it will
happen to you too. Then if the problem is indeed the TUN problem described
in the HowTo[1] then the proposed solution is to execute this command on your
RealServers:
iptables -A OUTPUT -s VIRTUAL-IP -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS --set-mss 1440
Please let us know how you get on?
Nige
[1] http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-Tun.html
> Thanks,
> Matthew
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
Search lvs-users Archives
More information about the lvs-users
mailing list