I have been trying to track down issues with my web proxy slowing to a crawl during high traffic times during midday (has been a daily occurrence here the past several weeks) and have an open ticket with our vendor. Whilst poking around on my own, I was watching the live log for the packet filter and noticed a LOT of dropped packets for the Astaro itself for the web proxy port 8080 to clients. Is this normal? Here is a small sample from the live log:
09:40:42 Default DROP TCP 10.28.0.100 : 8080
→ 10.22.76.40 : 1235
[RST] len=40 ttl=64 tos=0x00 srcmac=0:50:56:af:40:24
09:40:42 Default DROP TCP 10.28.0.100 : 8080
→ 10.22.75.68 : 1178
[RST] len=40 ttl=64 tos=0x00 srcmac=0:50:56:af:40:24
09:40:42 Default DROP TCP 10.28.0.100 : 8080
→ 10.23.3.109 : 1178
[RST] len=40 ttl=64 tos=0x00 srcmac=0:50:56:af:40:24
09:40:43 Default DROP TCP 10.28.0.100 : 8080
→ 10.21.85.2 : 1417
[RST] len=40 ttl=64 tos=0x00 srcmac=0:50:56:af:40:24
09:40:43 Default DROP TCP 10.28.0.100 : 8080
→ 10.21.3.207 : 2001
[RST] len=40 ttl=64 tos=0x00 srcmac=0:50:56:af:40:24
09:40:47 Default DROP TCP 10.28.0.100 : 8080
→ 10.21.3.207 : 2001
[RST] len=40 ttl=64 tos=0x00 srcmac=0:50:56:af:40:24
The 10.28.0.100 is the internal interface of the Astaro server - the destination addresses are client workstation IPs. Why is the packet filter dropping these reset (RST) packets? Any ideas of what I should look for (maybe I have something mis-configured?)
This thread was automatically locked due to age.
