|
Hello,
On Thu, 23 Nov 2000, joern maier wrote:
> > May be you need to tune amemthresh. 1024 pages (4MB) are too
> > low value. What shows "free" under attack? You can try with 1/8 RAM size
> > for example. You know what is the main goal of these defense strategies:
> > to keep free memory in the director. Nothing more. They are activated
> > according to the free memory size. The packet rate is not considered.
> >
> that sounds all good to me, but what I´m really wondering about is, why
> has the drop_entry variable still a value of 1 => I thought it has to be
> 2 when
> my System is under attack ? To me it looks like LVS does not even think
> it´s under attack and therefore does not use the drop_entry mechanism
You are right. You forgot to specify when the LVS to think it is
under attack.
Read again my mail carefully. drop_entry switches automatically
from 1 to 2 when the free memory reaches amemthresh. Show us an evidence
that your free memory is below 4MB.
int ip_vs_amem = nr_free_pages+page_cache_size+(buffermem>>PAGE_SHIFT);
int nomem = (ip_vs_amem < sysctl_ip_vs_amemthresh);
Read http://www.linuxvirtualserver.org/defense.html
I just read it and I see that everything is explained.
> cheers,
> Joern
Regards
--
Julian Anastasov <ja@xxxxxx>
|
