We've completed a move to Rackspace Cloud and are now using HAProxy as our load balancer. HAProxy is a phenomenal piece of software.
The primary issue I've noticed from haproxy is that my backends are frequently going DOWN/UP, and we're having some long request times as well as serving occasional 504s. I've been doing my research and understand that I need to do some system tuning via sysctl to get things running properly. All references have different recommendations on what parameters to tune, and I'm a bit hesitant to copy/paste from multiple resources. Is there a baseline set of recommended tunings that I can apply as a first response before digging into the gritty details? I've attached a bunch of details below.

Thanks for any help you can provide.

Michael

-------

[mmar...@w1 w1]$ cat /etc/redhat-release
CentOS release 5.3 (Final)
[mmar...@w1 w1]$ uname -a
Linux w1.gamesradar.com 2.6.24-23-xen #1 SMP Mon Jan 26 03:09:12 UTC 2009 x86_64 x86_64 x86_64 GNU/Linux
[mmar...@w1 w1]$ /usr/sbin/haproxy -v
HA-Proxy version 1.3.18 2009/05/10

Here's what I'm finding in /var/log/messages:

Oct 2 23:12:38 w1 kernel: [1556670.291082] printk: 482 messages suppressed.
Oct 2 23:12:38 w1 kernel: [1556670.291102] nf_conntrack: table full, dropping packet.
Oct 3 01:34:49 w1 kernel: [1566552.616316] possible SYN flooding on port 80. Sending cookies.
Oct 3 03:19:52 w1 kernel: [1572838.886342] printk: 294 messages suppressed.

[mmar...@w1 w1]$ sudo /sbin/sysctl -a | grep ^net
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_retrans_collapse = 1
net.ipv4.ip_forward = 0
net.ipv4.ip_default_ttl = 64
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.ip_nonlocal_bind = 0
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_max_orphans = 65536
net.ipv4.tcp_max_tw_buckets = 180000
net.ipv4.ipfrag_high_thresh = 262144
net.ipv4.ipfrag_low_thresh = 196608
net.ipv4.ip_dynaddr = 0
net.ipv4.ipfrag_time = 30
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_stdurg = 0
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.ip_local_port_range = 32768 61000
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.icmp_errors_use_inbound_ifaddr = 0
net.ipv4.route.min_delay = 2
net.ipv4.route.max_delay = 10
net.ipv4.route.gc_thresh = 262144
net.ipv4.route.max_size = 4194304
net.ipv4.route.gc_min_interval = 0
net.ipv4.route.gc_min_interval_ms = 500
net.ipv4.route.gc_timeout = 300
net.ipv4.route.gc_interval = 60
net.ipv4.route.redirect_load = 5
net.ipv4.route.redirect_number = 9
net.ipv4.route.redirect_silence = 5120
net.ipv4.route.error_cost = 250
net.ipv4.route.error_burst = 1250
net.ipv4.route.gc_elasticity = 8
net.ipv4.route.mtu_expires = 600

