Re: LVS Timeouts

To:	<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: LVS Timeouts
From:	"Michael McConnell" <michaelm@xxxxxxxxxxx>
Date:	Sun, 7 Oct 2001 13:30:09 -0700

Once the time out value has been increased connections remain until that
time out occurs. Any suggestions of forcing the timeout period to end aka
resetting the MASQ table?

Michael


> If you have unlimited resources, then you will be able to
> configure infinite timeout.  Each connection takes a little
> bit of memory.  We found at 10 hours, that is already
> stretching -- all the connections in last 10 hours taking
> quite bit of memory.   Since no one can have unlimited
> resources in one computer, I don't think infinite timeout
> can be done easily.
>
> At 02:22 PM 10/5/2001 -0700, Michael McConnell wrote:
> >How about an Infinite timeout?
> >
> >
> >----- Original Message -----
> >From: "Wayne" <wayne@xxxxxxxxxxxxxxx>
> >To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>;
<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
> >Cc: <kodland@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
> >Sent: Friday, October 05, 2001 9:28 AM
> >Subject: Re: LVS Timeouts
> >
> >
> >> Julian had posted answer about two years ago:
> >> > > > to alter this timeout value to something > 8 hours to avoid flak
> >from
> >> > > > users.
> >> > >
> >> > > On the director:
> >> > >
> >> > > ipchains -M -S 36000 0 0
> >> > >
> >> > > 36000 is 10 hours TCP timeout. man ipchains. You can try
> >> > > with different value.
> >> >
> >> >
> >>
> >> At 12:19 PM 10/5/2001 -0400, mack@xxxxxxxxxxxx wrote:
> >> >On Fri, 5 Oct 2001, Kris Odland wrote:
> >> >
> >> >> Here's whats going on.  We are using LVS for load balancing imap
> >servers,
> >> >> we have the tunneling option set up so the individual servers reply
to
> >> >> the client.
> >> >
> >> >I don't have an answer, but I do have some more questions..
> >> >
> >> >I assume all the imap realservers are writing to one common
filesystem?
> >> >
> >> >> We are seeing a problem if you have your email client set up to copy
> >> >> sent messages to a "Sent" folder on the imap server.  The client
opens
> >> >> a seperate connection to the imap server for the sent folder.
> >> >
> >> >Is this to the same VIP:port as the first connection?
> >> >
> >> >If it's different, you could be connecting to a different realserver
> >> >than for the first imap connection. Is this a problem?
> >> >
> >> >  The
> >> >> problem is if you are typing a message and you have it open for a
while
> >> >> (20 or 30 minutes) the imap connection for the sent folder is timed
> >out.
> >> >> It tries sending it through the old connection (port) and gets "Port
> >> >> Unreachable" error from the imap server (not the LVS server) when it
> >tries
> >> >> copying the message to sent mail.  It will re-open the connection
after
> >a
> >> >> bit, but not when it is trying to to the sent mail thing.
> >> >
> >> >The tcp connection through the director will be dropped in about
15mins
> >> >(depending on your kernel).
> >> >
> >>
>
>>http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO-11.html#ss11
.
> >30
> >> >
> >> >> It seems that after 30 minutes the imap server sends a "BYE" message
> >> >> because it has been idle too long, and it does an autologout for the
> >> >> corresponding folder.  This should be followed by a FIN, and then
ACK
> >from
> >> >> the client.  In this case the ACK is not making it to the server,
but
> >> >> being rejected with "Port Unreachable" messages, so the server keeps
on
> >> >> trying to close the connection.
> >> >
> >> >I would assume this is because the director has already dropped the
link
> >> >(look at the output of ipvsadm if you can do it with a machine and
only
> >> >one connection and you can sit around and wait - you could reduce the
> >> >tcp timeout as listed above to speed things up a bit).
> >> >
> >> >
> >> >Joe
> >> >
> >> >--
> >> >Joseph Mack, mack@xxxxxxxxxxxx
> >> >Linux Virtual Server project
> >> >http://www.linuxvirtualserver.org
> >> >
> >> >
> >> >_______________________________________________
> >> >LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> >> >Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> >> >or go to http://www.in-addr.de/mailman/listinfo/lvs-users
> >>
> >>
> >> _______________________________________________
> >> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> >> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> >> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
> >>
> >
> >
> >_______________________________________________
> >LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> >Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> >or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>

<Prev in Thread]	Current Thread	[Next in Thread>
LVS Timeouts, Kris Odland Re: LVS Timeouts, mack@xxxxxxxxxxxx Re: LVS Timeouts, Kris Odland Re: LVS Timeouts, Michael E Brown Re: LVS Timeouts, Joseph Mack Message not available Re: LVS Timeouts, Wayne Re: LVS Timeouts, Michael McConnell Re: LVS Timeouts, Wayne Re: LVS Timeouts, Michael McConnell <= Re: LVS Timeouts, Jesse W. Asher

Previous by Date:	Re: acess to loadbalanced services from inside the nat in an lvs-natset up, Christian Bronk
Next by Date:	about Persistent connection, charles huang
Previous by Thread:	Re: LVS Timeouts, Wayne
Next by Thread:	Re: LVS Timeouts, Jesse W. Asher
Indexes:	[Date] [Thread] [Top] [All Lists]