We are experiencing a problem with our lvs cluster today where people
cannot get to our LVS-NAT cluster. It works perfectly except that
intermittently that people's connections get stuck in a SYN_RECV state.
TCP 00:44 SYN_RECV XX.XX.XX.XX:1080 yy.yy.yy.yy:80 zz.zz.zz.zz:80
After that times out it goes into an ERR! state. A "netstat -t" on the
real server shows the connection in the same state on that server as
well. The real server is able to ping the end-user's machine, and is
configured with a VIP on the director as it's gateway.
It's as though the ACK packets are getting dropped somehow, but it only
happens on a small percentage of connections. Does anyone have any
suggestions for things that we could do to help debug or solve this
This problem is happening both with kernels 220.127.116.11 and 2.4.26. If it's
important, we are also using keepalived 1.1.7 to handle our director
failover and real server monitoring.
Thank you for any help.