|
> > The solution I applied was to reduce the MASQ_TIME_WAIT
>
> you did this in the LVS code?
I modified the initialization values in the
masq_timeout_table for IP_MASQ_S_TIME_WAIT to 1*30HZ
in the file ip_masq.c. The current /proc interface allows modification
of this value only when the secure TCP is enabled, I should have
probably just used that.....
>
>
> > and also to
> > enforce that every new SYN (thank TCP for this) goes to scheduler
> > by taking a MASQ cache miss(this does not appear to be such a
performance
> > hit).
>
> how did you do this?
In ip_masq.c when it tries to get the masq entry from LVS
ms = ip_masq_in_get_iph(iph);
I modified this as follows.....
#ifdef SCHED_EVERYTIME
//schedule every new conn to a different dest and allow any previous
//mapping to expire
if(h.th->syn && svc){
ms = ip_vs_schedule(svc, iph);
if (ms){
ip_vs_conn_stats(ms, svc);
}
}else
#endif
ms = ip_masq_in_get_iph(iph);
* NOTE The reduction in timeout is just to prevent hogging of memory,
if the director has enough memory, u could leave the timeout value alone....
|
