On Apr 9, 2011, at 5:20 PM, Cosmin Dumitru wrote: > Salut, > > Am un varnish ce face pe cacheul in fata unui site cu trafic relativ mic > (10-15req/s). > > Cel putin unul dintre vizitatori pateste urmatoarea chestie: Porneste > browserul si asteapta pana la un minut ca sa i se incarce pagina. > > Interesant e ca doar el pateste asta (sau cel putin doar de el stiu). Pentru > mine si multi altii merge fara probleme. > > Incercand sa aflu de ce am dat peste un comportament cel putin dubios. > > Browserul trimite SYN pentru a initia o conexiune, si SYNul este pur si > simplu ignorat.Tot incearca, incearca si dupa o vreme primeste SYN ACK si > mai departe lucrurile merg asa cum ar trebui. > > > Am rulat tcpdump pe masina si lucrurile stau cam asa: > > 9 1.006125 94.62.222.34 178.21.112.106 TCP cdid > http > [ACK] Seq=1789 Ack=379 Win=65158 Len=0 TSV=2381827 TSER=1720118389 > 10 5.813479 178.21.112.106 94.62.222.34 TCP http > cdid > [FIN, ACK] Seq=379 Ack=1789 Win=11200 Len=0 TSV=1720123403 TSER=2381827 > 11 5.914071 94.62.222.34 178.21.112.106 TCP cdid > http > [ACK] Seq=1789 Ack=380 Win=65158 Len=0 TSV=2381875 TSER=1720123403 > 12 8.024903 94.62.222.34 178.21.112.106 TCP cdid > http > [FIN, ACK] Seq=1789 Ack=380 Win=65158 Len=0 TSV=2381896 TSER=1720123403 > 13 8.024933 178.21.112.106 94.62.222.34 TCP http > cdid > [ACK] Seq=380 Ack=1790 Win=11200 Len=0 TSV=1720125614 TSER=2381896 > 14 8.027881 94.62.222.34 178.21.112.106 TCP vsaiport > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 15 8.285546 94.62.222.34 178.21.112.106 TCP ssrip > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 16 10.963855 94.62.222.34 178.21.112.106 TCP vsaiport > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 17 11.365616 94.62.222.34 178.21.112.106 TCP ssrip > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 18 17.099179 94.62.222.34 178.21.112.106 TCP vsaiport > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 19 17.402065 94.62.222.34 178.21.112.106 TCP ssrip > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 20 29.171013 94.62.222.34 178.21.112.106 TCP vsaiport > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 21 29.370913 94.62.222.34 178.21.112.106 TCP ssrip > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 22 53.109962 94.62.222.34 178.21.112.106 TCP vsaiport > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 23 53.311137 94.62.222.34 178.21.112.106 TCP ssrip > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 24 101.245245 94.62.222.34 178.21.112.106 TCP vsaiport > http > [SYN] Seq=0 Win=65535 Len=0 MSS=1260 WS=1 TSV=0 TSER=0 SACK_PERM=1 > 25 101.245269 178.21.112.106 94.62.222.34 TCP http > vsaiport > [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1460 SACK_PERM=1 TSV=1720218835 > TSER=0 WS=6 > > Intrarile 9 si 10 par sa fie de la o conexiune mai veche. Balciul incepe cu > packetul 14 si dupa mai bine de un minut si jumatate vine primul ACK. > Am scos syncookies, timestamps, sack, am crescut tcp backlog si nu am vazut > nicio imbunatatire. Idem pentru IPTables - cu sau fara modul incarcat face la > fel. varnish e instalat din pachetele oferite de dotdeb. > Checksum-ul pentru pachete se verifica. > > OS debian 6, 2.6.36 compilat de furnizor ( e o masina xen). > > Ce as putea sa mai fac? > > Cosmin > > PS: Shameless self promo: siteul in cauza e http://forums.rgc.ro >
si ca inchid threadul asta am descoperit problema. E descrisa perfect aici: https://lists.linux-foundation.org/pipermail/bugme-new/2010-August/025413.html Am setat net.ipv4.tcp_tw_recycle = 0 si totul e in regula acum. Cosmin _______________________________________________ RLUG mailing list RLUG@lists.lug.ro http://lists.lug.ro/mailman/listinfo/rlug
