On Fri, Feb 12, 2010 at 04:17:21PM +0100, Peter Griffin wrote:
> Hi guys,
> Just an update... had the same problem and was ordered to remove haproxy and
> install LVS with CentOs. When I went on the console I saw lots of Conntrack
> messages and Dropped packet messages so I'm not sure whether some tuning
> wold have in fact solved the problem.
yes indeed it would have solved it. I bet you haven't tuned it at all, so it's tuned as a workstation with very little session counts. You should definitely either remove any conntrack module or tune it appropriately (meaning that you should set the conntrack_max value very high, several hundred thousands, and the hash size to approxy 1/16 to 1/4 of the conntrack_max). It's useful to reduce the conntrack timeouts too, as most of the time they are extremely high (eg: 5 days for established sessions, 120 seconds for TIME_WAIT, both of which are too large for moderate to high traffic sites).
Regards,
Willy
Received on 2010/02/13 00:20
This archive was generated by hypermail 2.2.0 : 2010/02/13 00:30 CET