On Sun, Sep 20, 2009 at 1:35 AM, Willy Tarreau <[email protected]> wrote: > On Fri, Sep 18, 2009 at 04:17:34PM -0700, David Birdsong wrote: >> On Fri, Sep 18, 2009 at 4:01 PM, Jonah Horowitz <[email protected]> >> wrote: >> > I fixed the nf_contrack problem with this (really just the first one, >> > but the others were good too). >> > >> > HAProxy sysctl changes >> > >> > For network tuning, add the following to /etc/sysctl.conf: >> > >> > net.ipv4.netfilter.ip_conntrack_max = 16777216 >> thanks, mine is actually in two othe places under proc. i'd checked >> it and thought 150000 was fine, but this is def a bigger number. >> >> still see maxconn at 10000, i can't figure out what is holding this >> down so low. ( i understand that nf_conntrack wasn't going to fix it, >> just puzzled.) > > This is because you did not set the maxconn in the global section. > This is the one which acts on the whole process. And you don't need > to change your ulimit -n, it will do it by itself. > >> > net.ipv4.tcp_max_tw_buckets = 16777216 > > This one is a bit large, it allows you to support about 16M/60s = 250k > connections per second which is well beyond a standard system's > performance limit. > >> > increase Linux autotuning TCP buffer limits min, default, and max number >> > of bytes to use set max to at least 4MB, or higher if you use very high >> > BDP paths >> > >> > net.ipv4.tcp_rmem = 4096 87380 16777216 >> > net.ipv4.tcp_wmem = 4096 65536 16777216 > > Here such numbers can be high too when you're running with large > numbers of connections. Multiply that by 20000 * 2 and you'll see > what amount of memory the network buffers will use for 20k conns. > > Regards, > Willy Thanks for the tuning tips.
My artificial max connections were artificial in fact. I'd forgotten that I'd lazily put some arguments in my init script that were overriding my config file. I was banging my head on this all day Friday. I just needed to leave it alone for a day. When I came back to this today I solved it in minutes like I should have Friday. > >
