On 3/30/10 11:49 PM, Willy Tarreau wrote:
On Wed, Mar 31, 2010 at 02:17:37AM -0400, Geoffrey Mina wrote:
There was nothing between the two but a switch... although, disabling the
Windows firewall on the IIS server seems to have fixed the problem! I don't
have much experience with the built in windows firewall... but apparently
it's not happy about something.
well then either the windows firewall is terribly buggy or the switch
is having fun with the TTL (layer3 switch maybe ?), because it is not
normal to have the TTL decrease by one if nothing sits between the two
machines.
I think we'll switch over to a third party firewall application.
That's a safer bet :-)
Thanks for the help! You guys rock.
You're welcome!
Willy
2.6.18-164.el5xen
If they are using a domU on Xen then there is either a bridge or other
forwarding mechanism on the dom0 routing traffic to the VM. That might be
causing the ttl decrement, the default is a bridge and I don't know if bridges
normally decrement the ttl.
iptables and/or conntrack on the dom0 and/or the domU might be culprits in the
disappearing packet? I ugess not in this case, but I'd watch them...
I turn off iptables completely on the dom0 and domU esp. when trying to
troubleshoot.
Some people find slow IO with Xen:
http://lists.xensource.com/archives/html/xen-users/2009-11/msg00206.html
