On Wed, 2004-02-04 at 13:53, Joseph Mack wrote:
> do you mean your realserver crashes in an hour? what from? is it getting
> all the connect requests for the next hour?
Yep, pretty much. It's most noticeable for http servers. True
connection-oriented services such as ftp, rsync, & ssh seem to not have
as much trouble.
Imagine a cluster of 8 servers that normally strain under the entire
site traffic load. ipvsadm reports 800-900 active connections for each
server. One goes down for a couple of hours, so all of the connections
to that server expire. When it's brought back online, it gets all (or
almost all) of the http requests until it builds back up to the number
of connections reported for the other servers. The result is a nice
little DDOS on that poor server.
If there's already code to prevent swamping a new server, maybe a 'nice'
config option would allow enough control to fix the problem? I'm not
familiar with the ip_vs code. Anyone have suggestions on where to look?
Many thanks,
-jrr
|