Sent from my iPhone
On 6 Oct 2009, at 18:25, Michael Marano <mmar...@futureus.com> wrote:
We’ve completed a move to Rackspace Cloud and are now using HAproxy
as our load balancer. Haproxy is a Phenomenal piece of software.
The primary issue I’ve noticed from haproxy is that my backends are
frequently going DOWN/UP, and we’re having some long request times a
s well as serving occaisional 504’s. I’ve been doing my research
and understand that I need to do some system tuning via sysctl to ge
t things running properly. All references have different reccomenda
tions on what parameters to tune, and I’m a bit hesitant to copy/pas
te from multiple resources.
Is there a baseline set of recommended tunings that I can apply as a
first response before digging into the gritty details?
I’ve attached a bunch of details below. Thanks for any help you can
provide.
Michael
-------
[mmar...@w1 w1]$ cat /etc/redhat-release
CentOS release 5.3 (Final)
[mmar...@w1 w1]$ uname -a
Linux w1.gamesradar.com 2.6.24-23-xen #1 SMP Mon Jan 26 03:09:12 UTC
2009 x86_64 x86_64 x86_64 GNU/Linux
[mmar...@w1 w1]$ /usr/sbin/haproxy -v
HA-Proxy version 1.3.18 2009/05/10
Here’s what I’m finding in /var/log/messages:
Oct 2 23:12:38 w1 kernel: [1556670.291082] printk: 482 messages
suppressed.
Oct 2 23:12:38 w1 kernel: [1556670.291102] nf_conntrack: table
full, dropping packet.
Oct 3 01:34:49 w1 kernel: [1566552.616316] possible SYN flooding on
port 80. Sending cookies.
Oct 3 03:19:52 w1 kernel: [1572838.886342] printk: 294 messages
suppressed.
[mmar...@w1 w1]$ sudo /sbin/sysctl -a | grep ^net
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_retrans_collapse = 1
net.ipv4.ip_forward = 0
net.ipv4.ip_default_ttl = 64
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.ip_nonlocal_bind = 0
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_max_orphans = 65536
net.ipv4.tcp_max_tw_buckets = 180000
net.ipv4.ipfrag_high_thresh = 262144
net.ipv4.ipfrag_low_thresh = 196608
net.ipv4.ip_dynaddr = 0
net.ipv4.ipfrag_time = 30
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_stdurg = 0
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.ip_local_port_range = 32768 61000
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.icmp_errors_use_inbound_ifaddr = 0
net.ipv4.route.min_delay = 2
net.ipv4.route.max_delay = 10
net.ipv4.route.gc_thresh = 262144
net.ipv4.route.max_size = 4194304
net.ipv4.route.gc_min_interval = 0
net.ipv4.route.gc_min_interval_ms = 500
net.ipv4.route.gc_timeout = 300
net.ipv4.route.gc_interval = 60
net.ipv4.route.redirect_load = 5
net.ipv4.route.redirect_number = 9
net.ipv4.route.redirect_silence = 5120
net.ipv4.route.error_cost = 250
net.ipv4.route.error_burst = 1250
net.ipv4.route.gc_elasticity = 8
net.ipv4.route.mtu_expires = 600
