Reports of bad headers using TUN?

Matthew matthew at
Thu Jan 4 23:43:50 GMT 2007

Bam! That did it. I've gotten one response back from my 4 problematic 
people and it works for her now.

Thanks to all you awesome people! You rock!


Jaroslav Libák wrote:
>> Hi all,
>> No go it seems. I ran this command on my director:
>> iptables -A OUTPUT -s <VIP> -p tcp
>>  -m tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS --set-mss 1440
>> And the POST test in the HOWTO still returns "bad request" in the browsers.
>> What next?
>> Thanks,
>> -Matthew 
> You need to run it on your real server. Real server replies with SYNACK packet which needs to have MSS 1440 to notify the client of the limit. Another solution is to set MTU 1480 on outgoing interface on realserver. Also try to set MTU to 1480 on the incoming interface on directors.
> The solution with iptables on realservers works for TCP only, not for UDP.
> Jaro
> _______________________________________________
> mailing list - lvs-users at
> Send requests to lvs-users-request at
> or go to

More information about the lvs-users mailing list