Re: ESTABLISHED Connection Spike (OT?)

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: ESTABLISHED Connection Spike (OT?)
From: Jacob Coby <jcoby@xxxxxxxxxxxxxxx>
Date: Fri, 29 Jul 2005 17:56:36 -0400
Graeme Fowler wrote:
On Fri 29 Jul 2005 22:24:54 BST , Jacob Coby <jcoby@xxxxxxxxxxxxxxx> wrote:

Because these are all ESTABLISHED connections to our website, they're taking up an apache process, and eventually locking everyone else out.

Since it's an application-level problem your LVS is doing exactly what it should :)

Yeah, that's what I was thinking. I didn't know if LVS was accidently not FIN'ing connections or whatever.

If you switch on the extended status and server-status handlers in Apache you can check what Apache thinks is happening, at the very least. If it's always the same source IP, I'd consider tracking down what the machine is and seeing if (for example) it's a broken proxy, or whether you can actually route back to it - if the latter then it could be a simple network problem (or even a complex one!).

I'd forgotten about the server-status modules.. I've actually got them enabled.

As for trying to route back to the ip addr, good idea. I'll try that next time the issue happens.

I know the ip addr is a NAT firewall, so it could be the firewall, it could be an office computer, or it could be a personal notebook causing the problem. They've scanned all of their computers for viruses. My only thought at this point is some spyware is screwing up the tcp stack and isn't closing connections.


<Prev in Thread] Current Thread [Next in Thread>