Hello everyone,
I'm new to this list, and working for a service provider. A few weeks ago I
set up a couple of LVS-NAT directors to load balance several services:
DNS, HTTP, HTTPS, SMTP, IMAP, POP, RADIUS, HTTP-PROXY, TFTP, FTP
Each service (virtual server) has 2-3 virtual machines (real servers)
available for the moment, and uses the wlc scheduling algorithm.
Some days later we began to experience random slowness on IMAP and HTTPS
services: connection attempts end in timeout expiration, but the service is
available again after 2-3 minutes.
Studying the traffic with wireshark shows no TCP mistake.
But everything is fine if the LVS is bypassed on a test client (hardcoding
real server IP as virtual server IP in hosts file).
So I went through a long googling time:
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.services.single-port.html
- persistence for these two services has been enabled for 7200s, same value
as tcp_keepalive_time
- "ipvsadm -Ln --timeout" is set to 7200 120 300
- SSLSessionCacheTimeout for ssl.conf has been set to 7200 too
- found nothing relevant for IMAP configuration
But nothing helped. Still slow randomly, unpredictable, hard to find out
where to find clues.
So, my questions are:
- should I separate some services on another couple of LVS directors, and
apply a special treatment for these protocols?
- how can I get more clues?
Here's a sample of my ldirectord.cf:
----8<-----
# Global Directives
checktimeout=23
checkinterval=10
autoreload=no
quiescent=yes
virtual=aa.aa.aa.aa:143
    service=none
    real = bb.bb.bb.bb:143 masq 1
    real = cc.cc.cc.cc:143 masq 1
    scheduler=wlc
    persistent=7200
    protocol=tcp
----8<-----
Thanks in advance