LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Reports of bad headers using TUN?

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Reports of bad headers using TUN?
From: Jaroslav Libák <jarol1@xxxxxxxxx>
Date: Thu, 04 Jan 2007 23:12:50 +0100 (CET)
>Hi all,
> No go it seems. I ran this command on my director:
>
>iptables -A OUTPUT -s <VIP> -p tcp
>  -m tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS --set-mss 1440
>
>And the POST test in the HOWTO still returns "bad request" in the browsers.
>
>What next?
>
>Thanks,
>-Matthew 

You need to run it on your real server. Real server replies with SYNACK packet 
which needs to have MSS 1440 to notify the client of the limit. Another 
solution is to set MTU 1480 on outgoing interface on realserver. Also try to 
set MTU to 1480 on the incoming interface on directors.

The solution with iptables on realservers works for TCP only, not for UDP.

Jaro

<Prev in Thread] Current Thread [Next in Thread>