...
- iptables NAT masquerade.
If connections on the loopback are affected this will break the heartbeat because the connection source address will be a host address, not the loopback address. To fix this, change your iptables rules to not perform NAT masquerade on the heartbeat connection. Two possible approaches are- Explicitly disable MASQUERADE on the loopback interface and addresses (make these the first rules in the NAT POSTROUTING list
iptables --insert POSTROUTING --table nat -o lo -j RETURN
iptables --append POSTROUTING --table nat -s 127.0.0.1 -j RETURN
iptables --append POSTROUTING --table nat -d 127.0.0.1 -j RETURN - Apply MASQUERADE explicitly to the non-loopback interfaces. If you have
eth0
andeth1
then useiptables --append --table nat -o eth0 -j MASQUERADE
iptables --append --table nat -o eth1 -j MASQUERADE
- Explicitly disable MASQUERADE on the loopback interface and addresses (make these the first rules in the NAT POSTROUTING list
- Generic remap rules, such as "
map / http://some.other.place.com
"
To fix this, either - add an additional rule to prevent the generic rule from triggering on heartbeat connections, such as
map /synthetic.txt http://localhost:8083/synthetic.txt
- apply the fix from
. TS-2934 (remove this when wiki is fixed and preceding link works)Jira server Issues key TS-2934