Dropped connections with tcp_tw_recycle=1
Michael S. Fischer
michael at dynamine.net
Sun Sep 20 22:25:13 CEST 2009
On Sep 20, 2009, at 6:20 AM, Nils Goroll wrote:
>> tcp_tw_recycle is incompatible with NAT on the server side
>
> ... because it will enforce the verification of TCP time stamps.
> Unless all
> clients behind a NAT (actually PAD/masquerading) device use
> identical timestamps
> (within a certain range), most of them will send invalid TCP
> timestamps so SYNs
> will get dropped.
Since you seem pretty knowledgeable on the subject, can you please
explain the difference between tcp_tw_reuse and tcp_tw_recycle?
Thanks,
--Michael
More information about the varnish-misc
mailing list