> With the tunnel in place, can you initiate an outbound SSH connection > from the realserver to the client machine? Are you absolutely sure that > the path this will follow the same route as the data from the realserver > under normal conditions? > > I have a sneaking feeling that the realserver is sending packets of 1460 > bytes (ethernet MTU less L2 framing) but the "secondary" director, ie. > the tunnel endpoint at the realserver's end, is dropping them because > they don't fit inside the tunnel.
I do a scp both times only from the client to the server: client:# scp file [EMAIL PROTECTED]:/tmp/ This works. The client sends the first packets with a mtu which doesn´t fit into the tunnel and recieves ICMP UNREACHABLE Need to fragment. client:# scp [EMAIL PROTECTED]:/tmp/file . This doesn´t work. The Realserver tries to send packets which doesn´t fit into the tunnel but DOES NOT receive any ICMP packet. I tried setting sysctl nat_icmp_send to 1 but that doesn´t change the behaviour at all. There was only one attempt which worked (the realserver got an ICMP UNREACHABLE NEED TO FRAG) but unfortunately I can´t reproduce it. So the realserver is never going to realise that it´s packets are too big. I think, that´s the gist of the matter. Any ideas? Thanks in advance. Have a nice weekend. cheers Marco _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
