Pages

Subscribe:

Thursday, July 14, 2016

Resolved Error TCP segment of a reassembled PDU

Error code as noted in Wireshark:-
106   8.721506 0.000024 TCP 172.XX.XXX.XXX -> 172.XX.XX.XXX 368 [TCP segment of a reassembled PDU] 106

Problem statement:- Behind the ELB we were using the HAproxy and sending an options request in which the original request status was replaced by 200 status using the cors configuration. While HAproxy received the request from the ELB and responed back with 200 status ELB was not able to respond back and connection was terminated.

Resolution:- After recording the tcpdump and capturing the packets using the pcap file generated and analyzed via the wireshark we noticed the packed 106 was a [TCP segment of a reassembled PDU]. Actually the HTTP Packet is not complete, so the Wireshark is also unable to see the packet as an HTTP valid one, this is the same behavior as the ELB have.

According to the RFC-2616, section-6  After receiving and interpreting a request message, a server responds with an HTTP response message. [2]

       Response      = Status-Line               ; Section 6.1
                       *(( general-header        ; Section 4.5
                        | response-header        ; Section 6.2
                        | entity-header ) CRLF)  ; Section 7.1
                       CRLF
                       [ message-body ]          ; Section 7.2

So after the HEADER Section, it's required a CRLF (Carriage Return  + Line Feed) to complete the HEADER Section.

In our case the this was missing.

ELB needs the full request to understand that the request has been completed, so it's mandatory to be fully compliant with the RFC-2616.

In order to fix the issue, we have to add a CRLF after the Content-Lenght: 0 in the end of the file

This can be done by doing this:

# echo >> /directory/file.http

Then you will see that the file is on Unix format, Unix format does not use CRLF terminators:

# file /directory/file.http
/directory/file.http: ASCII text

So the file needs to be converted, in order to do that there is a tool called unix2dos, on Red Hat it can be installed by issuing this command:

# yum install unix2dos -y

then to convert the file:

# unix2dos /directory/file.http
unix2dos: converting file /directory/file.http to DOS format ...

You will see that the the file now will have CRLF line terminators:

# file /directory/file.http
/directory/file.http: ASCII text, with CRLF line terminators

After doing this we needed to restart HA-Proxy to use this new file that rewrites the http status from 503 to 200.

You can check the last line as

# cat -A /directory/file.http

last line should be blank (with CRLF which is the ^M$)

user-id^M$
Content-Length: 0^M$
^M$

0 comments:

Post a Comment