- 论坛徽章:
- 0
|
本帖最后由 helloiac 于 2014-10-15 09:16 编辑
说明:
1.局域网内有大量的windows destkop 40~50台,使用outlook 或者foxmail 等 3分钟自动连接邮件服务器收件或者不定时发送邮件
2.局域网内有部分linux 内网服务器,偶尔连接邮件服务器进行发件
3.整个局域网连接外网都nat 成同一个公网ip ccc ,router C 本身也是一台linux 主机开启转发
问题概述:
1.局域网内windows 主机telnet 邮件服务器A 一般都没有问题 但是使用局域网内的部分linux 主机telnet 时常会连接不上,不管是什么端口(22,25.443,995)都是一样的情况
2.外网linux 服务器B telnet 邮件服务器A 一般也都没有问题
在邮件服务器上抓包,服务器有收到syn 但是服务器没有返回包
以443端口为例
使用一台内网Fedora 19 telnet 服务器443端口,服务器上的抓包情况- 15:16:55.144222 IP xxx.xxx.xxx.xxx.46989 > xxx.xxx.xxx.xxx.https: Flags [S], seq 939563650, win 29200, options [mss 1460,sackOK,TS val 23633360 ecr 0,nop,wscale 7], length 0
- 15:17:03.160282 IP xxx.xxx.xxx.xxx.46989 > xxx.xxx.xxx.xxx.https: Flags [S], seq 939563650, win 29200, options [mss 1460,sackOK,TS val 23641376 ecr 0,nop,wscale 7], length 0
(window7 与Fedora19 位于同一台hub 上)- 15:20:54.484991 IP xxx.xxx.xxx.xxx.49218 > xxx.xxx.xxx.xxx.https: Flags [S], seq 31344922, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
- 15:20:54.485034 IP xxx.xxx.xxx.xxx.https > xxx.xxx.xxx.xxx.49218: Flags [S.], seq 1361958840, ack 31344923, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
- 15:20:54.485558 IP xxx.xxx.xxx.xxx.49218 > xxx.xxx.xxx.xxx.https: Flags [.], ack 1, win 4380, length 0
- 15:20:55.685554 IP xxx.xxx.xxx.xxx.https > xxx.xxx.xxx.xxx.49218: Flags [S.], seq 1361958840, ack 31344923, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
- 15:20:55.686359 IP xxx.xxx.xxx.xxx.49218 > xxx.xxx.xxx.xxx.https: Flags [.], ack 1, win 4380, options [nop,nop,sack 1 {0:1}], length 0
- 15:21:05.122927 IP xxx.xxx.xxx.xxx.49218 > xxx.xxx.xxx.xxx.https: Flags [F.], seq 1, ack 1, win 4380, length 0
- 15:21:05.123193 IP xxx.xxx.xxx.xxx.https > xxx.xxx.xxx.xxx.49218: Flags [F.], seq 1, ack 2, win 115, length 0
- 15:21:05.123813 IP xxx.xxx.xxx.xxx.49218 > xxx.xxx.xxx.xxx.https: Flags [.], ack 2, win 4380, length 0
fs.quota.syncs = 0
net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 120
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 10240
net.ipv6.conf.all.max_desync_factor = 600
net.ipv6.conf.default.max_desync_factor = 600
net.ipv6.conf.lo.max_desync_factor = 600
net.ipv6.conf.eth0.max_desync_factor = 600
net.ipv6.conf.eth1.max_desync_factor = 600
net.ipv6.conf.eth2.max_desync_factor = 600 |
|
免费注册
发表于 2014-10-13 17:40
