|
On Thu, 2013-05-23 at 15:28 -0500, daryl herzmann wrote:
> Sorry, ignorance is biting me here and I am not sure what you mean. I
> thought iptables was necessary to make LVS-NAT work in the first place.
No, it isn't.
If you have rules in place and something making use of the conntrack
modules (matching ESTABLISHED/RELATED for example) then you *could* -
I'm not saying *will :) - see performance problems. That may explain the
"single connection is fast but lots at the same time aren't" scenario.
As the conntrack modules run in kernel space that could explain the CPU
usage stats, too.
Try turning off any conntrack-related rules and see if it helps.
Graeme
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
