While reviewing a TCP dump for another task, I noticed frequent RSTs returned by appservers to LVS hosts.
This is a tcpdump from mw1261 (currently in the inactive DC) returned to vl1017-eth0.lvs1003.wikimedia.org.:
Given the frequency and the fact that happens also in the DC not serving live traffic, I'd say that this traffic are Pybal's HTTPS health checks?
Not really urgent but worth to track :)