[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apache question

On Wed, Nov 12, 2003 at 01:48:40PM +0100, Eduard Ballester (ballester@ipsistemas.com) wrote:
> Hi
> * 62.XX.YYY.ZZZ is a server with Apache1.3.x that it only serves static 
> pages.
> * All the NICs have Public IP Address.
> Internet
>   |
>   |
> NetScreen
>   |
>   |
> Alteon(load balance)
>   |_____________________
>   |       |       |     |
> Apache1  ...           ApacheN
> Do you know why Apache has this behavior? Why Apache initiates the 
> connections with  src_port 80 and random dst_port?

You might want to check your load ballancing configuration. It seems
like you may have sessions the alteon has forgotten about, but apache is
sending a reply to. It would be a good idea to watch some traffic on
port 80 (tcpdump) on some of the apache boxes themselves to see what
they are responding to. You may also want to watch the sessions on the
alteon to see if they match up, and some place above the alteon too (the
originator of the requests, if at all possible).  Having traffic
src_port 80 and some random dst_port is normal (and wanted!) from a web
server, but NetScreen seems to think there is a problem, so my guess is
its a tcp session problem.


Jay Kline

Reply to: