just those 2: net.ipv4.tcp_max_syn_backlog = 8192 net.core.somaxconn = 2048
---- On Fri, 16 Oct 2015 16:13:31 +0200 Baptiste<bed...@gmail.com> wrote ---- Have you 'tunned' your sysctls? Baptiste Le 16 oct. 2015 14:56, "wbmtfrdlxm" <wbmtfrd...@zoho.com> a écrit : what linux distribution are you using? light traffic is simulating 100 users browsing a website, simple http requests. we have 2 backend nodes and after a while, both of them become unavailable. after lowering or stopping traffic, everything goes back to normal. without ipsec, no problem at all. ---- On Fri, 16 Oct 2015 14:40:51 +0200 Jarno Huuskonen<jarno.huusko...@uef.fi> wrote ---- Hi, On Fri, Oct 16, wbmtfrdlxm wrote: > when using ipsec on the backend side, this error pops up in the haproxy log from time to time: > > Layer4 connection problem, info: "General socket error (No buffer space available) We're using ipsec(libreswan) on backend, but I haven't seen any problems with ipsec (just checked logs for past few months). > we have tried both strongswan and libreswan, error is still the same. there is nothing strange in the ipsec logs, connection seems stable. but as soon as we start generating some light traffic, haproxy loses connectivity with the backend nodes. > we are running centos 7, standard repositories. What's light traffice for you ? Have you tried w/out ipsec (does it work w/out problems) ? -Jarno -- Jarno Huuskonen