So... I have this one machine that is A hybrid of RedHat v6.2 (OLD Piglet) and newer version of Fedora Core.
I have Firewalls/Routers that are CentOSv6.5 and an NFS server that is CentOSv5.10
This all started when I swapped out my router/firewall from a machine that was having difficulty communicating and would only communicate on IPv6, even though I had/have zero IPv6 on my Corporate Network.
So, the issue. Intermittent write support for NFS would fail if the file was over 1480 bytes in size. (After 3 days of deduction... I discovered this bit after MUCH MUCH testing)
I discovered a backport into the CentOSv6.5 kernel from a 3.x.x started enforcing a Fragmentation restriction that came about due to a DoS or other exploit/issue.
What it was, Linux kernel 2.4.20 and before, an NFS bug on files larger than MTU, needing fragmentation. The OS handled it... up to the last packet, which nfs handled it... a filesystem check would fail and the nfs subsystem would 0 length file size the file, due to the error and the OS would correct it... not violating the restrictions before Kernel 2.6.32-431.20.3.el6... but with 2.6.32-431.20.3.el6, the routing Kernel would reject the packet as it changed either some kind of encapsulation or some kind of other header info.
So... to get this to work on this machine that has a reduced set of work it is doing now... set the wsize and rsize on the nfs mount to 1024, which is smaller than the MTU and bit boundary kosher. This then forces NFS to do all the fragmentation work and therefore not change the method on it. It only affect NFs... so I don't care.
Meh, tcpdump in -vvv mode was the only way I was able to watch it. Watched about 16MB of straight text, from the client, server and both NICs on the router/firewall... I had to line it all up, glad I have time synchronized on all my machines via NTP.
I have Firewalls/Routers that are CentOSv6.5 and an NFS server that is CentOSv5.10
This all started when I swapped out my router/firewall from a machine that was having difficulty communicating and would only communicate on IPv6, even though I had/have zero IPv6 on my Corporate Network.
So, the issue. Intermittent write support for NFS would fail if the file was over 1480 bytes in size. (After 3 days of deduction... I discovered this bit after MUCH MUCH testing)
I discovered a backport into the CentOSv6.5 kernel from a 3.x.x started enforcing a Fragmentation restriction that came about due to a DoS or other exploit/issue.
What it was, Linux kernel 2.4.20 and before, an NFS bug on files larger than MTU, needing fragmentation. The OS handled it... up to the last packet, which nfs handled it... a filesystem check would fail and the nfs subsystem would 0 length file size the file, due to the error and the OS would correct it... not violating the restrictions before Kernel 2.6.32-431.20.3.el6... but with 2.6.32-431.20.3.el6, the routing Kernel would reject the packet as it changed either some kind of encapsulation or some kind of other header info.
So... to get this to work on this machine that has a reduced set of work it is doing now... set the wsize and rsize on the nfs mount to 1024, which is smaller than the MTU and bit boundary kosher. This then forces NFS to do all the fragmentation work and therefore not change the method on it. It only affect NFs... so I don't care.
Meh, tcpdump in -vvv mode was the only way I was able to watch it. Watched about 16MB of straight text, from the client, server and both NICs on the router/firewall... I had to line it all up, glad I have time synchronized on all my machines via NTP.