[Bug 1087] Window Tracking not disabled
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Tue Oct 18 11:12:56 CEST 2016
https://bugzilla.netfilter.org/show_bug.cgi?id=1087
Arturo Borrero Gonzalez <arturo.borrero.glez at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |arturo.borrero.glez at gmail.c
| |om
--- Comment #4 from Arturo Borrero Gonzalez <arturo.borrero.glez at gmail.com> ---
Mathew, I would need additional details to understand what's happening here.
You need "TCPWindowTracking On" in conntrackd.conf to ensure the window
tracking information is exchanged between the nodes of the cluster. I.E, from
your first comment I understand that using "TCPWindowTracking Off" and pushing
out-of-window traffic leads to dropped packages. If my understanding is right,
then this is the *expected* behaviour.
As I said, to properly deal with this situation, you need "TCPWindowTracking
On".
This is independent of the behaviour of tcp_be_liberal.
Each node of the cluster should have it's own tcp_be_liberal configuration
using the sysctl variable.
Could you please share additional details?
thanks
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20161018/857d69be/attachment.html>
More information about the netfilter-buglog
mailing list