Дима Рубинштейн (dimrub) wrote in gotchas,

Linux ignores SYN packets

Problem: once in a while, a Linux server will not accept connections. A capture shows 3 SYN packets coming from the same client (the first, then another after 3 seconds, then a third after another 6 seconds), all unanswered. Sighted several times on CentOS, but to me it actually happened on Debian.

Analysis: In our case, iptables was installed, with a rule in the INPUT chain that was supposed to DROP packets in the INVALID state. For some reason, it was dropping those absolutely valid SYNs.

Solution: Removing the rule solved the problem.
Tags: iptables, linux, networking
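
To spot the symptom described above in a capture, this added example (not code from the original post) scans `tcpdump -tt -n` text output for clients whose SYNs were retransmitted without any SYN-ACK or RST coming back. The capture lines, addresses and the function name are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed capture in `tcpdump -tt -n` text format (not from the original post).
SAMPLE = """\
1700000000.000000 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [S], seq 1000, win 64240, length 0
1700000001.500000 IP 192.0.2.20.40000 > 198.51.100.5.80: Flags [S], seq 2000, win 64240, length 0
1700000001.500300 IP 198.51.100.5.80 > 192.0.2.20.40000: Flags [S.], seq 3000, ack 2001, win 65160, length 0
1700000003.000000 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [S], seq 1000, win 64240, length 0
1700000009.000000 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [S], seq 1000, win 64240, length 0
"""

# timestamp, source addr.port, destination addr.port, TCP flags
LINE = re.compile(r"^(\d+\.\d+) IP (\S+) > (\S+): Flags \[([^\]]+)\]")

def unanswered_syns(capture, min_syns=3):
    """Return {(client, server): [gaps between SYNs]} for flows never answered."""
    syns = defaultdict(list)   # (client, server) -> SYN timestamps
    answered = set()           # flows where the server sent SYN-ACK or RST
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, src, dst, flags = float(m[1]), m[2], m[3], m[4]
        if "S" in flags and "." not in flags:
            # Bare SYN (no ACK): a connection attempt or its retransmission.
            syns[(src, dst)].append(ts)
        elif "R" in flags or ("S" in flags and "." in flags):
            # A reply of any kind means the SYN reached the listener's stack.
            answered.add((dst, src))
    report = {}
    for flow, times in syns.items():
        if flow in answered or len(times) < min_syns:
            continue
        times.sort()
        report[flow] = [round(b - a, 3) for a, b in zip(times, times[1:])]
    return report

if __name__ == "__main__":
    for (client, server), gaps in unanswered_syns(SAMPLE).items():
        print(f"{client} -> {server}: SYN retransmit gaps {gaps}s, no reply")
```

Gaps of 3 and 6 seconds with no reply match the pattern in the post; a flow that receives a RST points to a closed port rather than a dropped packet.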
