I don't understand where you want to go... If I have no iptables rule, all is OK as I say in my first message. The problem is I use iptables to do state filtering and all FIN / RST packet are seen as INVALID (instead of ESTABLISHED...).
The solution mustn't be to remove iptables rules ;) Nobody have this problem ? I think this behavior can be observed on all directors with iptables... (I run 2.6.18-4-686-bigmem on Debian machine with iptables 1.3.6.0debian1-5 and keepalived 1.1.13-1) Dimitri Joseph Mack NA3T a écrit : > On Mon, 21 Jul 2008, Dimitri GOURDON wrote: > >> Hi all, >> >> I've setup LVS on a box using Keepalived (and Iptables) to load balance >> traffic between 2 web servers. I have a problem : >> >> A lot of TCP packets with FIN or RST flags (all I think) are dropped by >> Iptables as state INVALID. The consequence is that I have a lot of >> connection in FIN_WAIT state (shown by netstat) on the 2 web servers... >> > > do you get the problem without the iptables rules? > > Joe > > _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
