[CentOS] ip6tables REJECT target 3s timeout
Markus Falb
markus.falb at fasel.atWed Nov 21 16:40:05 UTC 2012
- Previous message: [CentOS] Conntrackd - fail at startup.
- Next message: [CentOS] ip6tables REJECT target 3s timeout
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
I am trying to get ipv6 firewall running. I did a very simple ip6tables
rules and noticed very long running yum updates. I think that happened
because firewall is dropping outgoing packets to port 80. Well, I
thought to mitigate the issue and changed outgoing from drop to reject.
Now I try manually
# strace telnet 2a02:180:ffff:1::551f:b966 80
...
connect(3, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6,
"2a02:180:ffff:1::551f:b966", &sin6_addr), sin6_flowinfo=0,
sin6_scope_id=0}, 28
3 second delay
) = -1 ECONNREFUSED (Connection refused)
...
The ECONNREFUSED is quite expected of course, but what is not expected
that the connect syscall lasts 3 seconds. This 3 second delay is not
happening with a equivalent telnet to a IPv4 address.
Why is this 3 second delay?
--
Kind Regards, Markus Falb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 306 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20121121/ec075a7d/attachment.sig>
- Previous message: [CentOS] Conntrackd - fail at startup.
- Next message: [CentOS] ip6tables REJECT target 3s timeout
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list