From: | Cliff Pratt <enkiduonthenet(at)gmail(dot)com> |
---|---|
To: | dx k9 <bitsandbytes88(at)hotmail(dot)com> |
Cc: | posgres support <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: TCP packet out of state: First packet isn't SYN tcp_flags: ACK |
Date: | 2014-04-11 00:42:37 |
Message-ID: | CADXosEJhwHTd_PTkMu2OW6NyCZ752tNN=ds9PDjZWKsNrRtLUw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
I believe that those message are innocuous, but I can't be sure. It's
caused by a timeout issue. (sorry, I looked into this at one time, but I
forget the details). If you have Checkpoint Firewall 1, as I recall there
is an article on the web site about this. Sorry to be so vague, but this
may give you a hint of a direction to look in.
Cheers,
Cliff
On Fri, Apr 11, 2014 at 7:50 AM, dx k9 <bitsandbytes88(at)hotmail(dot)com> wrote:
> Hi, we are running postgresql 9.1.9 on SLES 11. We connect to it from a
> web server in the DMZ running on CentOS 6.5, observed with 6.4 as well.
> Our theory is running the same OS on the postgres and web server
> might clear all these TCP packet out of state drops we see thru the
> firewall.
>
> Source port 5432 using random services 40090, 40451, 40450, 40091,
> 40090, 40450, 40451, 40091, 46482. It's unclear why the database server
> periodically is trying to connect to the web server with these
> services. There doesn't seem to be any service complaints, but
> periodically we see these in the firewall logs, it seems benign.
>
From | Date | Subject | |
---|---|---|---|
Next Message | Jaime Casanova | 2014-04-11 01:48:13 | Re: Postgresql 9.3 en cluster |
Previous Message | dx k9 | 2014-04-10 19:50:36 | TCP packet out of state: First packet isn't SYN tcp_flags: ACK |