On Wed, 2008-07-30 at 15:45 +0200, Marco Lorig wrote: > Using ldap causes the same problem. But I didn't test a ldap "put" to the > server, only a get fails (like scp).
Umm... thinking about this laterally: "put" is pushing large packets towards the server, from the client, the reverse flow is mainly ACKs and will fit inside the MTU of the reverse path when the tunnel is in place or when the tunnel isn't in place. "get" is pushing small packets towards the server, from the client, the reverse flow is mainly data and doesn't fit in the PTU of the reverse path when the tunnel is in place; the difference is that if the tunnel is removed the data gets back to the client. We need to work backwards on this one. With the tunnel in place, can you initiate an outbound SSH connection from the realserver to the client machine? Are you absolutely sure that the path this will follow the same route as the data from the realserver under normal conditions? I have a sneaking feeling that the realserver is sending packets of 1460 bytes (ethernet MTU less L2 framing) but the "secondary" director, ie. the tunnel endpoint at the realserver's end, is dropping them because they don't fit inside the tunnel. Can you adjust the mtu of the interfaces on the realservers? ifconfig eth0 mtu 1400 Tune it downwards until it works - I'm pretty sure that's where your problem is. Apologies if you can't, though - this thread has become so long I don't want to read it all again! Graeme _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
