一些 http 数据包未到达主机

tag-icon tag-icon networking http
一些 http 数据包未到达主机

我们遇到了一个非常奇怪的问题,即同一网络上两台机器之间的 http 流量:发送 HTTP 请求时,有些数据包无法到达另一台主机,正如您从 tcpdump 中看到的那样。有人知道是什么原因导致了这样的问题,我们可以做哪些测试来排除故障吗?

先感谢您。

服务器 A(xxx67):

10:52:54.766961 IP x.x.x.67.46526 > x.x.x.51.http: Flags [S], seq 3933450573, win 29200, options [mss 1460,sackOK,TS val 1799470837 ecr 0,nop,wscale 7], length 0
10:52:54.767169 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928651146 ecr 1799470837,nop,wscale 7], length 0
10:52:54.767185 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1799470838 ecr 2928651146], length 0
10:52:54.767310 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799470838 ecr 2928651146], length 241
10:52:54.967964 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799471039 ecr 2928651146], length 241
10:52:55.168969 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799471240 ecr 2928651146], length 241
10:52:55.571973 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799471643 ecr 2928651146], length 241
10:52:55.948432 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928652328 ecr 1799470837,nop,wscale 7], length 0
10:52:55.948455 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1799472019 ecr 2928651146], length 0
10:52:56.376977 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799472448 ecr 2928651146], length 241
10:52:57.948432 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928654328 ecr 1799470837,nop,wscale 7], length 0
10:52:57.948451 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1799474019 ecr 2928651146], length 0
10:52:57.988966 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799474060 ecr 2928651146], length 241
10:52:59.780422 ARP, Request who-has x.x.x.67 tell x.x.x.51, length 46
10:52:59.780437 ARP, Reply x.x.x.67 is-at x:x:x:x:x:1f, length 28
10:53:01.208971 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799477280 ecr 2928651146], length 241
10:53:01.948448 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928658328 ecr 1799470837,nop,wscale 7], length 0
10:53:01.948459 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1799478019 ecr 2928651146], length 0
10:53:07.657010 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799483728 ecr 2928651146], length 241
10:53:07.657235 IP x.x.x.51.http > x.x.x.67.46526: Flags [.], ack 242, win 122, options [nop,nop,TS val 2928664036 ecr 1799483728], length 0
10:53:07.785710 IP x.x.x.51.http > x.x.x.67.46526: Flags [.], seq 1:1449, ack 242, win 122, options [nop,nop,TS val 2928664165 ecr 1799483728], length 1448
10:53:07.785722 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 1449, win 251, options [nop,nop,TS val 1799483856 ecr 2928664165], length 0
10:53:07.785884 IP x.x.x.51.http > x.x.x.67.46526: Flags [P.], seq 1449:2105, ack 242, win 122, options [nop,nop,TS val 2928664165 ecr 1799483856], length 656
10:53:07.785891 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 2105, win 274, options [nop,nop,TS val 1799483856 ecr 2928664165], length 0
10:53:07.785977 IP x.x.x.67.46526 > x.x.x.51.http: Flags [F.], seq 242, ack 2105, win 274, options [nop,nop,TS val 1799483857 ecr 2928664165], length 0
10:53:07.791437 IP x.x.x.51.http > x.x.x.67.46526: Flags [F.], seq 2105, ack 243, win 122, options [nop,nop,TS val 2928664171 ecr 1799483857], length 0
10:53:07.791447 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 2106, win 274, options [nop,nop,TS val 1799483862 ecr 2928664171], length 0

服务器 B(xxx51):

10:52:54.769644 IP x.x.x.67.46526 > x.x.x.51.http: Flags [S], seq 3933450573, win 29200, options [mss 1460,sackOK,TS val 1799470837 ecr 0,nop,wscale 7], length 0
10:52:54.769666 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928651146 ecr 1799470837,nop,wscale 7], length 0
10:52:55.950929 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928652328 ecr 1799470837,nop,wscale 7], length 0
10:52:57.950927 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928654328 ecr 1799470837,nop,wscale 7], length 0
10:52:59.782918 ARP, Request who-has x.x.x.67 tell x.x.x.51, length 28
10:52:59.783093 ARP, Reply x.x.x.67 is-at x:x:x:x:x:1f, length 46
10:53:01.950939 IP x.x.x.51.http > x.x.x.67.46526: Flags [S.], seq 2443943736, ack 3933450574, win 14480, options [mss 1460,sackOK,TS val 2928658328 ecr 1799470837,nop,wscale 7], length 0
10:53:07.659702 IP x.x.x.67.46526 > x.x.x.51.http: Flags [P.], seq 1:242, ack 1, win 229, options [nop,nop,TS val 1799483728 ecr 2928651146], length 241
10:53:07.659726 IP x.x.x.51.http > x.x.x.67.46526: Flags [.], ack 242, win 122, options [nop,nop,TS val 2928664036 ecr 1799483728], length 0
10:53:07.788181 IP x.x.x.51.http > x.x.x.67.46526: Flags [.], seq 1:1449, ack 242, win 122, options [nop,nop,TS val 2928664165 ecr 1799483728], length 1448
10:53:07.788374 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 1449, win 251, options [nop,nop,TS val 1799483856 ecr 2928664165], length 0
10:53:07.788381 IP x.x.x.51.http > x.x.x.67.46526: Flags [P.], seq 1449:2105, ack 242, win 122, options [nop,nop,TS val 2928664165 ecr 1799483856], length 656
10:53:07.788536 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 2105, win 274, options [nop,nop,TS val 1799483856 ecr 2928664165], length 0
10:53:07.788614 IP x.x.x.67.46526 > x.x.x.51.http: Flags [F.], seq 242, ack 2105, win 274, options [nop,nop,TS val 1799483857 ecr 2928664165], length 0
10:53:07.793955 IP x.x.x.51.http > x.x.x.67.46526: Flags [F.], seq 2105, ack 243, win 122, options [nop,nop,TS val 2928664171 ecr 1799483857], length 0
10:53:07.794094 IP x.x.x.67.46526 > x.x.x.51.http: Flags [.], ack 2106, win 274, options [nop,nop,TS val 1799483862 ecr 2928664171], length 0

答案1

这可能是与 MTU 相关的问题。

为了进行测试,请尝试在两个服务器上降低 MTU,发出以下命令ifconfig <ifname> mtu 580

不过,这只能视为一种解决方法。如果问题解决了,请恢复原始 MTU(发布ifconfig <ifname> mtu 1500并咨询防火墙管理员/ISP,了解为何较大的数据包会被丢弃。

相关内容