Hi Łukasz,
From the configuration.txt :
""
when a connection expires during "timeout http-keep-alive", no error is
returned, the connection just closes. If the connection expires in
"timeout http-request" while waiting for a connection to complete, a
HTTP 408 error is returned.
This is sometimes caused by too large TCP MSS values on the client side
for PPPoE networks which cannot transport full-sized packets, or by
clients sending requests by hand and not typing fast enough, or
forgetting to enter the empty line at the end of the request.
""
You can search your log to find what type of clients (User-Agent) made
this type of requests.
Hervé.
On 06/06/2010 09:58 PM, Łukasz Jagiełło wrote:
Hi,
I'm wonder what can cause HTTP error 408. Atm each day around 4-5k
requests ends with 408. Really random request also at random backends.
Already try change timeouts but doesn't change that number at all.
Thats my connections at 60-70% max bandwidth:
#v+
~ # netstat -ntu | wc -l
67121
#v-
Most important things from haproxy.conf
#v+
global
# log 127.0.0.1 local0
log 127.0.0.1 local1 notice
user nobody
group nobody
daemon
#debug
#quiet
nbproc 4
pidfile /var/run/haproxy.pid
maxconn 32000
defaults
log global
mode http
option httplog
option dontlognull
option redispatch
option httpclose
option srvtcpka
option forwardfor
balance roundrobin
retries 3
maxconn 8192
timeout client 30s
timeout connect 30s
timeout server 30s
then only backends and frontends sections (around 40 all)
#v-
My '/etc/sysctl.conf':
#v+
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 262144
net.ipv4.tcp_tw_recycle = 1
net.core.wmem_max = 33554432
net.core.netdev_max_backlog = 2000
kernel.panic = 1
net.ipv4.tcp_rmem = 16184 174760 33554432
kernel.panic_on_oops = 1
net.ipv4.conf.all.arp_ignore = 1
net.core.rmem_default = 215040
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 8192
net.core.wmem_default = 215040
net.ipv4.tcp_dsack = 0
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.tcp_wmem = 16184 174760 33554432
net.ipv4.tcp_timestamps = 0
net.core.rmem_max = 33554432
net.ipv4.tcp_sack = 0
#v-
Regards,
--
Hervé COMMOWICK, EXOSEC (http://www.exosec.fr/)
ZAC des Metz - 3 Rue du petit robinson - 78350 JOUY EN JOSAS
Tel: +33 1 30 67 60 65 - Fax: +33 1 75 43 40 70
mailto:[email protected]
