|
hi,
thanks for the quick answer....
ipchains -M -S 900 10 300 has no impact.
fin timeout stays 2 Minutes.Strange. How much Entries
can the lvs handle, or is the memory the only limit?
I just found the sysctl variables net.ipv4.vs.timeout*,
Maybe this is the place to modify the timeout settings?! ..
> Hendrik Thiel wrote:
> >
> > Hi all
> >
> > we are using a lvs in NAT Mode and everything works fine ...
> > Probably, the only Problem seems to be the huge number of (idle)
> > Connection Entries.
> >
> > ipvsadm shows a lot of inActConn (more than 10000 entries per
> > Realserver) entries.
> > ipchains -M -L -n shows that these connections last 2 minutes.
>
> FIN timeout is 2 mins by default.
>
> > Is it possible to reduce the time to keep the Masquerading Table
> > small? e.g. 10 seconds ...
>
> yes
>
> http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO_1.0-10.html#ss10.9
>
> unless this is causing you problems, you don't need to change your FIN
> timeout.
>
> Joe
>
> --
> Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
> contractor to the National Environmental Supercomputer Center,
> mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
Hendrik Thiel
Falk eSolutions AG
Tel: 02841/9097355
Fax: 02841-9097331
|
