On Thu, Feb 02, 2006 at 01:50:01PM +0100, Guido Schwarzer wrote: > Hi all, > > we have self-written firewall-scripts using iptables on our Linux servers. > If we restart the firewall on the SunRay server, a random number of > SunRays gets disconnected with 26D. These hanging sessions get back > after power-cycling the SunRays. We do not have to restart the firewall > too often thus this isn't a big problem. Nevertheless, does anybody have > a clue on what's going wrong?
Sounds like your SunRays depend on the connection tracking of the linux firewall (like passing through NAT for example, or if you have other stateful rules like -m state --state=ESTABLISHED,RELATED). If the state is reset, a 'connection' (even though it's UDP) must be re-established - it is possible that only your SunRays can start the connection, but maybe when they're stuck in 26D they are waiting for the server to respond (which it can't because the 'connection' in the firewall isn't up yet). So, in other words, the firewall is waiting for the SunRay, the SunRay is waiting for the server, and the server can't do a thing because of the firewall. But I'm guessing here... I don't know the SunRay protocol and I don't know your firewall setup :) -- / jakob _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
