On Wed, Jul 09, 2008 at 05:45:36AM -0700, Joseph Mack NA3T wrote:
> On Wed, 9 Jul 2008, Bruce Thompson wrote:
>> We are seeing a problem whereby the LB's for LDAPs in our performance
>> test environment drop connections sometimes
> if it's a timeout problem, the connection will be dropped always.
>> The problem is that the symptoms only appear under load and long test
> what's "long" - more than 15mins?
>> I noticed by reading the how-to that the default timeout for a tcp
>> connection is 15 minutes, if it hasn't received tcpfin. Might I be
>> better to set this to 12 hours instead?
> sure. The timeout is incase a session somehow gets lost and allows
> ipvsadm to shed these connections. However the timeout seems to bight a
> lot of people. I wonder if it mightn't be better to have the timeout at
> something like 24hrs. The ipvsadm table would have to carry dead
> connections for 24hrs, but I don't think that would be a big deal.
> Do you think it would be sensible to change the timeouts?
Yes, I think that is a good idea. As you mention it should
only be "lost" connections that end up polluting the connection table.
And if that is a problem, the timeout can always be reduced by