Reports of bad headers using TUN?

Jaroslav Libák jarol1 at
Thu Jan 4 22:12:50 GMT 2007

>Hi all,
> No go it seems. I ran this command on my director:
>iptables -A OUTPUT -s <VIP> -p tcp
>  -m tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS --set-mss 1440
>And the POST test in the HOWTO still returns "bad request" in the browsers.
>What next?

You need to run it on your real server. Real server replies with SYNACK packet which needs to have MSS 1440 to notify the client of the limit. Another solution is to set MTU 1480 on outgoing interface on realserver. Also try to set MTU to 1480 on the incoming interface on directors.

The solution with iptables on realservers works for TCP only, not for UDP.


More information about the lvs-users mailing list