Issue in ssl negociation
brunoa
nginx-forum at nginx.us
Thu Dec 8 00:02:18 UTC 2011
Hi Maxim,
>
> This may indicate different network paths, with
> some of them
> filtering ICMP frag-needed packets, and others
> don't (or at least
> doing MSS clamp). Alternatively, blackhole
> detection might come
> and magically fix things.
>
Indeed, blackhole detection solved my issue. Thanks for your expertise
!
# echo 2 > /proc/sys/net/ipv4/tcp_mtu_probing
and also in sysctl.conf.
Now, TCP packets have a size of 564 octets (probably due to tcp_base_mss
default value), which may not be optimal but is ok for now.
Bruno
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,219756,219776#msg-219776
More information about the nginx
mailing list