Quick update: I change my nginx config from:
keepalive_timeout 30;
to
keepalive_timeout 0;
and the log entries have stopped almost completely. Prior to making
this change I was getting somewhere between 1 - 10 entries per minute in
the log for the bad packets (in the cases of multiples like 5-10 range
often it was the same IP reporting over and over). And now that I have
made the keepalive change I’ve gotten just 2 log entries in the past
hour.
Does this give us any more insight as to the root cause of the issue?
With this in mind should I keep the keepalive at 0, or go back to the 30
setting and just don’t worry about the log entries?
Thanks again!
On Sun, May 18, 2008 at 09:43:16PM -0700, Rt Ibmer wrote:
Quick update: I change my nginx config from:
keepalive_timeout 30;
to
keepalive_timeout 0;
and the log entries have stopped almost completely. Prior to making this change I was getting somewhere between 1 - 10 entries per minute in the log for the bad packets (in the cases of multiples like 5-10 range often it was the same IP reporting over and over). And now that I have made the keepalive change I’ve gotten just 2 log entries in the past hour.
Does this give us any more insight as to the root cause of the issue?
With this in mind should I keep the keepalive at 0, or go back to the 30 setting and just don’t worry about the log entries?
I do not know iptables, so I can not say what it treats as invalid
packets.
nginx can not affect on TCP packets in general, because it’s low level
TCP
thing. However, there are some cases:
- MSIE always closes keepalive connection with RST packet,
- if reset_timedout_connection is on (off by default), then nginx
closes timed out connection with SO_LINGER 0, and it causes RST
packet
sent to a client. However, reset_timedout_connection did not affect
keepalive connections.