Large number of invalid packets detected

Igor Sysoev is at
Mon May 19 16:32:12 MSD 2008

On Sun, May 18, 2008 at 09:43:16PM -0700, Rt Ibmer wrote:

> Quick update: I change my nginx config from:
>    keepalive_timeout  30;
> to
>    keepalive_timeout  0;
> and the log entries have stopped almost completely.  Prior to making this change I was getting somewhere between 1 - 10 entries per minute in the log for the bad packets (in the cases of multiples like 5-10 range often it was the same IP reporting over and over).  And now that I have made the keepalive change I've gotten just 2 log entries in the past hour.
> Does this give us any more insight as to the root cause of the issue?
> With this in mind should I keep the keepalive at 0, or go back to the 30 setting and just don't worry about the log entries?

I do not know iptables, so I can not say what it treats as invalid packets.

nginx can not affect on TCP packets in general, because it's low level TCP
thing. However, there are some cases:

1) MSIE always closes keepalive connection with RST packet,
2) if reset_timedout_connection is on (off by default), then nginx
   closes timed out connection with SO_LINGER 0, and it causes RST packet
   sent to a client. However, reset_timedout_connection did not affect
   keepalive connections.

Igor Sysoev

More information about the nginx mailing list