On Thu, Sep 15, 2005 at 09:21:41AM +0200, Ludwig Nussel wrote:
Ashley Gould wrote:
SuSE Prof. 9.1 2.6.5-7.201-smp SuSEfirewall2-3.1-310.3
After updating to the latest kernel rpm on our webserver, we experience consistent delay in access times to all web pages of about .2 seconds. Running tcpdump on page access shows a pause just before server pushes first full data packet after acknowledging get request from client.
After many days of hair pulling, flapping about of managers and pestering of network people, I traced this down to the SuSEfirewall, specifically a mangle rule in the postrouting table:
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 80 -j TOS --set-tos 0x08
After extracting this rule with iptables-save/restore, the delay is gone.
FWIW, newer SuSEfirewall2 versions no longer mangle TOS values.
This is the newest available on ftp.suse.com update page for 9.1. Do you know where I would find the newer versions without upgrading the whole system? Is SuSE no longer keeping SuSEfirewall2 current for 9.1?
cu Ludwig
--
 (o_   Ludwig Nussel
 //\   SUSE LINUX Products GmbH, Development
 V_/_  http://www.suse.de/
-- -ashley Did you try poking at it with a stick?
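
The iptables-save/restore removal described in the thread, sketched as an added example that is not part of the original messages: it filters a saved ruleset and drops TOS-mangling rules from the mangle table only. The function names and the sample dump are constructed for illustration; only the `--sport 80` TOS rule is taken from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): filter an iptables-save dump so that
# rules jumping to the TOS target in the mangle table are left out.
# Intended use, as root and after reviewing the result:
#   iptables-save | strip_tos_rules > rules.new && iptables-restore < rules.new

# Copy the dump from stdin to stdout without mangle-table "-j TOS" rules.
# Every dropped rule is reported on stderr so the change can be audited.
strip_tos_rules() {
    awk '
        /^\*/ { table = substr($0, 2) }      # table header: *mangle, *filter, ...
        table == "mangle" && /^-A / && / -j TOS( |$)/ {
            print "dropped: " $0 | "cat 1>&2"
            next
        }
        { print }
    '
}

# Print only the TOS-mangling rules, for review before removing anything.
list_tos_rules() {
    awk '
        /^\*/ { table = substr($0, 2) }
        table == "mangle" && /^-A / && / -j TOS( |$)/ { print }
    '
}

# Constructed sample dump (not the poster's ruleset); the first OUTPUT rule
# is the one quoted in the thread.
sample_dump() {
    cat <<'EOF'
*mangle
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 80 -j TOS --set-tos 0x08
-A OUTPUT -p tcp -m tcp --dport 22 -j MARK --set-mark 0x1
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Demonstration on the constructed dump: show what would be removed.
sample_dump | list_tos_rules
```

Filtering by table keeps a rule in another table from being dropped by accident, and the stderr report leaves a record of exactly which lines changed before iptables-restore is run.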