Hi,I've got Apache 2.0.55 built from source and am seeing an odd problem related to multiple IP addresses on VLANs.
The server has a trunked connection back to our switch and has the IP addresses 172.24.12.9, 172.24.11.3 and 172.16.14.104. These are configured as bond0, bond0:2 and bond0.2 respectively. There are other aliases IP addresses on bond0 but they're probably irrelevant for this problem.
Apache is listening on all interfaces, port 80 and 443.I have a client at 172.16.40.32 attempting to connect to port 80 on 172.24.11.3. The following occurs:
# telnet 172.24.11.3 80 Trying 172.24.11.3... Connected to 172.24.11.3 (172.24.11.3). Escape character is '^]'. Connection closed by foreign host. An strace against httpd shows:[pid 31138] accept(3, {sa_family=AF_INET, sin_port=htons(44894), sin_addr=inet_addr("172.16.40.32")}, [16]) = 16
[pid 31138] semop(6914069, 0xb79f0c, 1) = 0 [pid 31138] futex(0x837c474, FUTEX_WAKE, 1 <unfinished ...> [pid 31130] <... futex resumed> ) = 0 [pid 31138] <... futex resumed> ) = 1 [pid 31138] semop(6914069, 0xb79f12, 1) = 0 [pid 31138] poll( <unfinished ...> [pid 31130] futex(0x837c43c, FUTEX_WAKE, 1) = 0[pid 31130] getsockname(16, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("172.24.11.3")}, [16]) = 0
[pid 31130] fcntl64(16, F_GETFL) = 0x2 (flags O_RDWR) [pid 31130] fcntl64(16, F_SETFL, O_RDWR|O_NONBLOCK) = 0[pid 31130] read(16, 0x83eccf8, 8000) = -1 EAGAIN (Resource temporarily unavailable) [pid 31130] poll([{fd=16, events=POLLIN, revents=POLLIN|POLLERR|POLLHUP}], 1, 300000) = 1 [pid 31130] read(16, 0x83eccf8, 8000) = -1 ECONNRESET (Connection reset by peer)
[pid 31130] gettimeofday({1138182161, 971221}, NULL) = 0
[pid 31130] shutdown(16, 1 /* send */) = -1 ENOTCONN (Transport
endpoint is not connected)
[pid 31130] close(16) = 0If I then perform 'ifconfig bond0.2 down', 'ifconfig bond0.2 up' and repeat the test everything works as expected! It carries on working for a while and then gives up the ghost again!
Apache is receiving the connection and I can see from a packet capture that the three-way handshake is completing but for some reason it's dropping the connection - almost like tcpwrappers does!
Whilst Apache is refusing the connections, I can still ssh to the same IP address.
This one has me puzzled - if anyone can shed some light on it, it would be much appreciated!
Many thanks in advance,
Neil.
--
Neil Hillard hillardn@xxxxxxxxx
Westland Helicopters Ltd. http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
views of Westland Helicopters Ltd.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|