Re: Large number of invalid packets detected

Quick update: I change my nginx config from:
keepalive_timeout 30;
to
keepalive_timeout 0;

and the log entries have stopped almost completely. Prior to making
this change I was getting somewhere between 1 - 10 entries per minute in
the log for the bad packets (in the cases of multiples like 5-10 range
often it was the same IP reporting over and over). And now that I have
made the keepalive change I’ve gotten just 2 log entries in the past
hour.

Does this give us any more insight as to the root cause of the issue?

With this in mind should I keep the keepalive at 0, or go back to the 30
setting and just don’t worry about the log entries?

Thanks again!

On Sun, May 18, 2008 at 09:43:16PM -0700, Rt Ibmer wrote:

Quick update: I change my nginx config from:
keepalive_timeout 30;
to
keepalive_timeout 0;

and the log entries have stopped almost completely. Prior to making this change I was getting somewhere between 1 - 10 entries per minute in the log for the bad packets (in the cases of multiples like 5-10 range often it was the same IP reporting over and over). And now that I have made the keepalive change I’ve gotten just 2 log entries in the past hour.

Does this give us any more insight as to the root cause of the issue?

With this in mind should I keep the keepalive at 0, or go back to the 30 setting and just don’t worry about the log entries?

I do not know iptables, so I can not say what it treats as invalid
packets.

nginx can not affect on TCP packets in general, because it’s low level
TCP
thing. However, there are some cases:

  1. MSIE always closes keepalive connection with RST packet,
  2. if reset_timedout_connection is on (off by default), then nginx
    closes timed out connection with SO_LINGER 0, and it causes RST
    packet
    sent to a client. However, reset_timedout_connection did not affect
    keepalive connections.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs