|
Hi Sandy,
thx for quick response. I have fix the problem. The tip was in the first
link of your answer ->> check your firewall !
I have add the IP-Rule that set the mss on the end of my iptable-script.
iptables -A OUTPUT -s VIRTUAL-IP -p tcp -m tcp --tcp-flags SYN,RST,ACK
SYN,ACK -j TCPMSS --set-mss 1440
... and here was perhaps the problem with other ip-tables rules before.
After i add the line in the top off my firewall script the problem with
the timeouts by large posts was fixed.
thx to all and regards
udosa munich
Sandy Harris schrieb:
> On Thu, Apr 17, 2008 at 8:36 PM, Udo Sauer <udo@xxxxxxxxx> wrote:
>
>
>> After i study the LVS-Howto i found the section for MTU and package
>> fragmentation.
>>
>
> A fairly simple explanation of pth MTU issues:
> http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/glossary.html#pathMTU
>
> A section of this paper has the best analysis I've seen:
> http://www.av8n.com/security/lisa/
>
>
|
