Trying to find why the connection is reset by peer. Any idea what to look for in Wireshark or how to troubleshoot correctly to find a solution?

curl --tlsv1.0 https://www.xxx.com -v

Hostname was NOT found in DNS cache
  Trying ipaddress...
Connected to xxxx.com (ipaddress) port 443 (#0)
Initializing NSS with certpath: sql:/etc/pki/nssdb
  CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
NSS error -5961 (PR_CONNECT_RESET_ERROR)
TCP connection reset by peer
Closing connection 0
curl: (35) TCP connection reset by peer
  • cat /etc/*-release NAME="Red Hat Enterprise Linux Server" VERSION="7.0 (Maipo)" ID="rhel" ID_LIKE="fedora" VERSION_ID="7.0" PRETTY_NAME="Red Hat Enterprise Linux Server 7.0 (Maipo)" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:redhat:enterprise_linux:7.0:GA:server" HOME_URL="redhat.com" BUG_REPORT_URL="bugzilla.redhat.com" REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7" REDHAT_BUGZILLA_PRODUCT_VERSION=7.0 REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux" REDHAT_SUPPORT_PRODUCT_VERSION=7.0 Red Hat Enterprise Linux Server release 7.0 (Maipo) Commented Nov 11, 2014 at 23:10
  • [root@ip-10-0-0-197 ec2-user]# uname -a Linux ip-10-0-0-197.ec2.internal 3.10.0-123.8.1.el7.x86_64 #1 SMP Mon Aug 11 13:37:49 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux Commented Nov 11, 2014 at 23:12

1 Answer 1

Changing AWS default MTU was the answer for me. Curl, etc. worked fine after that.

To make the setting permanent for eth0, edit the configuration file /etc/sysconfig/network-scripts/ifcfg-eth0 and add the line MTU=1200 as shown below:

DEVICE=eth0
MTU=1500
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet

Then, restart the interface (as root): service network restart eth0

Resources: https://serverfault.com/questions/594727/openssl-hangs-after-client-hello http://www.redhat.com/magazine/002dec04/departments/tips_tricks/

1 Comment

If you're using Amazon Linux AMI, the file to edit is /etc/dhcp/dhclient-eth0.conf or /etc/dhcp/dhclient.conf. Your resources helped me figure this out. Link to this change since it also requires adding a different line to the file: docs.aws.amazon.com/AWSEC2/latest/UserGuide/…
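
One way to check whether path MTU is what breaks the connection before editing the interface configuration, as an added example that is not part of the original answer or comment: it binary-searches the largest IPv4 packet that crosses the path with the don't-fragment bit set, using `ping -M do` from Linux iputils. The function names and the 576 to 9001 search bounds are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): find the largest IPv4 packet
# that reaches a host without fragmentation and compare it with the
# MTU configured on the local interface.

# probe_ping HOST SIZE: succeeds if a SIZE-byte IP packet with DF set gets an
# echo reply. ICMP payload = SIZE - 28 (20-byte IPv4 header + 8-byte ICMP header).
# Caveat: a host or firewall that drops ICMP echo makes every probe fail.
probe_ping() {
    ping -M do -c 1 -W 2 -s "$(( $2 - 28 ))" "$1" >/dev/null 2>&1
}

# find_path_mtu HOST [LOW] [HIGH] [PROBE_FN]
# Prints the largest size in [LOW, HIGH] that PROBE_FN accepts; returns 1 if
# even LOW fails. Bounds 576 and 9001 are assumed defaults, adjust as needed.
# The body runs in a subshell so its variables stay private.
find_path_mtu() (
    host=$1; low=${2:-576}; high=${3:-9001}; probe=${4:-probe_ping}
    "$probe" "$host" "$low" || return 1
    while [ "$low" -lt "$high" ]; do
        mid=$(( (low + high + 1) / 2 ))
        if "$probe" "$host" "$mid"; then
            low=$mid              # mid fits: search the upper half
        else
            high=$(( mid - 1 ))   # mid is dropped: search the lower half
        fi
    done
    echo "$low"
)

# local_mtu IFACE: MTU currently configured on the interface (Linux sysfs).
local_mtu() {
    cat "/sys/class/net/$1/mtu"
}

# Usage: sh pmtu.sh HOST [IFACE]   (pmtu.sh is a hypothetical file name)
if [ $# -ge 1 ]; then
    if pmtu=$(find_path_mtu "$1"); then
        echo "largest unfragmented packet to $1: $pmtu bytes"
    else
        echo "no reply at the lower bound; ICMP may be filtered" >&2
        exit 1
    fi
    if [ -n "${2:-}" ]; then
        echo "configured MTU on $2: $(local_mtu "$2")"
    fi
fi
```

If the reported size is smaller than the interface MTU, large packets on that path are being dropped rather than fragmented, which is the condition the MTU setting in the answer works around.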
