|
Thomas that did it!! All i had to do was to take out the -m state
--state NEW. I really appreciate you all helping me with this.
On Wed, Aug 27, 2008 at 7:11 AM, Thomas Pedoussaut
<thomas@xxxxxxxxxxxxxx> wrote:
> Bryan Aldridge wrote:
>> on both the realservers shows upwards of a thousand connections! At
>>
> I got something similar a few months back. It was all due to iptables on
> the director. Don't try to do statefull inspection (ie using --state
> ESTABLISHED,RELATED) because the ack of closing packet from the server
> won't be sent to the real server, or something similar.
> It was happening on servers processes that don't time out connections
> and where the disconnect can be initiated by the server.
>
> Anyway, keep your firewall straight on the director and it should be fine.
>
>
> --
> Thomas, bitten once
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
|
