Large number of invalid packets detected
Igor Sysoev
is at rambler-co.ru
Mon May 19 16:32:12 MSD 2008
On Sun, May 18, 2008 at 09:43:16PM -0700, Rt Ibmer wrote:
> Quick update: I change my nginx config from:
> keepalive_timeout 30;
> to
> keepalive_timeout 0;
>
> and the log entries have stopped almost completely. Prior to making this change I was getting somewhere between 1 - 10 entries per minute in the log for the bad packets (in the cases of multiples like 5-10 range often it was the same IP reporting over and over). And now that I have made the keepalive change I've gotten just 2 log entries in the past hour.
>
> Does this give us any more insight as to the root cause of the issue?
>
> With this in mind should I keep the keepalive at 0, or go back to the 30 setting and just don't worry about the log entries?
I do not know iptables, so I can not say what it treats as invalid packets.
nginx can not affect on TCP packets in general, because it's low level TCP
thing. However, there are some cases:
1) MSIE always closes keepalive connection with RST packet,
2) if reset_timedout_connection is on (off by default), then nginx
closes timed out connection with SO_LINGER 0, and it causes RST packet
sent to a client. However, reset_timedout_connection did not affect
keepalive connections.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list