|
Julian had posted answer about two years ago:
> > > to alter this timeout value to something > 8 hours to avoid flak from
> > > users.
> >
> > On the director:
> >
> > ipchains -M -S 36000 0 0
> >
> > 36000 is 10 hours TCP timeout. man ipchains. You can try
> > with different value.
>
>
At 12:19 PM 10/5/2001 -0400, mack@xxxxxxxxxxxx wrote:
>On Fri, 5 Oct 2001, Kris Odland wrote:
>
>> Here's whats going on. We are using LVS for load balancing imap servers,
>> we have the tunneling option set up so the individual servers reply to
>> the client.
>
>I don't have an answer, but I do have some more questions..
>
>I assume all the imap realservers are writing to one common filesystem?
>
>> We are seeing a problem if you have your email client set up to copy
>> sent messages to a "Sent" folder on the imap server. The client opens
>> a seperate connection to the imap server for the sent folder.
>
>Is this to the same VIP:port as the first connection?
>
>If it's different, you could be connecting to a different realserver
>than for the first imap connection. Is this a problem?
>
> The
>> problem is if you are typing a message and you have it open for a while
>> (20 or 30 minutes) the imap connection for the sent folder is timed out.
>> It tries sending it through the old connection (port) and gets "Port
>> Unreachable" error from the imap server (not the LVS server) when it tries
>> copying the message to sent mail. It will re-open the connection after a
>> bit, but not when it is trying to to the sent mail thing.
>
>The tcp connection through the director will be dropped in about 15mins
>(depending on your kernel).
>
>http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO-11.html#ss11.30
>
>> It seems that after 30 minutes the imap server sends a "BYE" message
>> because it has been idle too long, and it does an autologout for the
>> corresponding folder. This should be followed by a FIN, and then ACK from
>> the client. In this case the ACK is not making it to the server, but
>> being rejected with "Port Unreachable" messages, so the server keeps on
>> trying to close the connection.
>
>I would assume this is because the director has already dropped the link
>(look at the output of ipvsadm if you can do it with a machine and only
>one connection and you can sit around and wait - you could reduce the
>tcp timeout as listed above to speed things up a bit).
>
>
>Joe
>
>--
>Joseph Mack, mack@xxxxxxxxxxxx
>Linux Virtual Server project
>http://www.linuxvirtualserver.org
>
>
>_______________________________________________
>LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>or go to http://www.in-addr.de/mailman/listinfo/lvs-users
|
