[lvs-users] Firewall on LVS NAT

Jay Faulkner jay.faulkner at mailtrust.com
Mon Aug 9 14:52:20 BST 2010

> Update: The NFCT patch greatly reduced the dropped ACK FIN & ACK RST.
> There still are a few so I don't know what is causing this, but it is small
> compared to what I was getting before. Those users who had terrible
> connection problems seem to have no problems at all now. So thanks Jay for
> heading me in the right direction. For some reason this didn't appear to be as
> big of a problem in kernel 2.4.x, although it still might have existed.

Yeah, for us it was the same behavior -- updated one machine to RHEL5 / kernel 2.6, and we started seeing the dropped FIN/RST. Added NFCT, and now it's effectively gone.

Good luck!

Jason Faulkner
Linux Engineer, Rackspace Email & Apps
jason.faulkner at rackspace.com

More information about the lvs-users mailing list