Hi, I realise this must have been a stupid question for you I'm quite green to Linux and haproxy so I do not have debugging skills. I would appreciate if someone could explain at least if my hardware (all on one machine) could be the problem or whether this is just some tcp/ip tuning that needs to be done on the kernel.
Sorry for being annoying. ---------- Forwarded message ---------- From: Peter Griffin <[email protected]> Date: 5 February 2010 22:02 Subject: Site running slow To: [email protected] Hi, Setup haproxy 1.3.22 with stunnel 4.22 + OpenSSL 0.9.7m and runs well with a few internal users. I run this setup on a P4 with 1Gb of Ram and with a few users am left with about 750Mb of free Ram. After deployment of the site and heavy traffic I noticed free mem going down to 45Mb, occasionally lower than that then goes back to 45Mb. The site was brought to a standstill and eventually I had to route straight into 1 webserver. I noticed the following entries in stunnel: 2010.02.05 21:04:00 LOG3[4030:139813211576080]: SSL_read: Connection reset by peer (104) 2010.02.05 21:05:25 LOG3[4030:139813211576080]: connect_wait: getsockopt: Connection refused (111) 2010.02.05 21:10:40 LOG3[4030:139813211645712]: SSL_accept: Peer suddenly disconnected 2010.02.05 21:12:11 LOG3[4030:139813211576080]: SSL_read: Connection reset by peer (104) 2010.02.05 21:12:12 LOG3[4030:139813211576080]: SSL socket closed on SSL_read with 7468 byte(s) in buffer 2010.02.05 21:12:12 LOG3[4030:139813211576080]: SSL socket closed on SSL_read with 16384 byte(s) in buffer 2010.02.05 21:12:12 LOG3[4030:139813211576080]: SSL socket closed on SSL_read with 16384 byte(s) in buffer 2010.02.05 21:12:15 LOG3[4030:139813211645712]: SSL_read: Connection reset by peer (104) 2010.02.05 21:12:28 LOG3[4030:139813211576080]: SSL_accept: Peer suddenly disconnected 2010.02.05 21:17:28 LOG3[4030:139813211576080]: SSL_read: Connection reset by peer (104) 2010.02.05 21:17:32 LOG3[4030:139813211645712]: SSL_read: Connection reset by peer (104) 2010.02.05 21:17:34 LOG3[4030:139813211576080]: SSL socket closed on SSL_read with 2385 byte(s) in buffer 2010.02.05 21:17:38 LOG3[4030:139813211576080]: SSL socket closed on SSL_read with 2385 byte(s) in buffer My stunnel.conf: #setuid=stunnel #setgid=proxy debug = 3 output = /var/log/stunnel.log socket=l:TCP_NODELAY=1 socket=r:TCP_NODELAY=1 [https] accept=10.0.1.50:443 connect=10.0.1.50:80 <http://10.0.1.50/> TIMEOUTclose=0 xforwardedfor=yes and haproxy.cfg # this config needs haproxy-1.1.28 or haproxy-1.2.1 global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 chroot /var/lib/haproxy user haproxy group haproxy daemon # debug #quiet defaults log global mode http # option httplog option dontlognull retries 3 option redispatch maxconn 4096 contimeout 5000 clitimeout 150000 srvtimeout 30000 listen loadbalancer :80 mode http balance roundrobin option forwardfor option httpclose cookie SERVERID insert indirect nocache server WEB01 10.0.1.108:80 <http://10.0.1.108/> cookie A check inter 5000 server WEB05 10.0.1.109:80 <http://10.0.1.109/> cookie B check inter 5000 listen statistics 10.0.1.50:8080 stats enable stats auth stats:stats stats uri / The clues I think run in stunnel's logs, in particular: SSL_accept: Peer suddenly disconnected & SSL_read: Connection reset by peer (104) Is there some setting I am missing in haproxy that could alleviate the problem or is it just a question of putting more physical ram in? Thanks in advance.
