|
Per Jessen wrote:
> Fair enough I guess - path MTU discovery will not be able to discover
> that my SMTP traffic is being distributed by LVS etc.. It would also
> _appear_ that my hosting provider (Hetzner) may not be letting the
> ICMP "need to frag" through their switches etc. - I have queried
> Hetzner, but am still waiting for an answer.
They are apparently letting them through, so I guess the problem is on
the sender end. Oh well.
> After many attempts, lots of research, wielding a magic wand and
> uttering the odd curse, I ended up with the following iptables setup
> on each of my real servers:
>
> iptables -I OUTPUT -p tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS
> --clamp-mss-to-pmtu
>
> This seems to have done the trick, but can anyone can explain to me
> exactly why?
I think I've worked out how this works now.
The more I know about TCP/IP, the more I realise how little I know ....
/Per Jessen, Zürich
|
