Tunneling & Timeouts

To: linux-virtualserver@xxxxxxxxxxxx
Subject: Tunneling & Timeouts
From: Peter Kese <peter.kese@xxxxxx>
Date: Wed, 03 Feb 1999 15:55:37 +0100

Hi!

I would first like to thank Wensong Zhang for making the local-server
functionality available for the general public. I am kind of embarrassed
about the fact that my name got into all the readme files... Feels
almost like too much of a reward for one single line of code. ;-) Thanks
anyway, I guess I now have a good reason to get down to work and start
producing some more patches.

--

For the past few days, I have been exploring the VS-Tunneling
functionality and I came up with a question I can't answer myself... 

Let's suppose I set up a tunneling VS configuration for a web or proxy
server. Clients send the requests (through the VS router) and the
servers reply directly to clients. When the transfer is finished, the
server closes the TCP socket. That means it sends an IP packet to the
client to notify it that the socket had been closed. But this IP packet
does not get intercepted by the VS and the masquerading entry remains in
the hash table and stays there for the next 15 minutes until the
TCP/masq timeout mechanism decides the connection is dead.

Am I right?

If I am, then we might be in trouble. In a web proxy configuration, the
amount of hourly requests easily exceeds 100000 requests per hour. That
means that in each moment there would be 25000 'zombie' masquerading
entries messing up the hash table.

Any ideas?

Cheers,
                                Peter
