haproxy bug or wrong kernel settings?

Craig Craig Wed, 30 Jun 2010 10:16:58 -0700

Hi list,

I'm having a strange problem with haproxy 1.3.24, when the server gets more 
connections. Load is still ok by then (about 0.5), througput is about 
50-100MBit.


Right now, everything is fine, I'm seeing:

Server connection states (it also runs a squid, which is not used for this 
domain):

     92 CLOSE_WAIT
     21 CLOSING
   3315 ESTABLISHED
     86 FIN_WAIT1
    171 FIN_WAIT2
     60 LAST_ACK
     34 LISTEN
     99 SYN_RECV
      1 SYN_SENT
   9532 TIME_WAIT

Port 8085 (haproxy-frontend) only:

ESTABLISHED      1544
FIN_WAIT1        16
FIN_WAIT2        141
LAST_ACK         59
SYN_RECV         44
SYN_SENT         0
TIME_WAIT        1101
CLOSE_WAIT       1
CLOSING  0


It seems that somewhere over 2000 and between 4500 established connections, the 
problems start; I've not been able to determine
the exact number, as I've changed the NAT to the server directly - it could 
handle the ~6600 connections without problems.

When I was querying a server through haproxy (on the haproxy itself), I saw 
this huge lag:

1.) time printf "GET / HTTP/1.1\r\nhost: www.foo.de\r\nConnection: 
close\r\nCookie: -\r\n\r\n" | nc -v 192.168.92.11 8085 &>/dev/null
real    0m19.976s
user    0m0.000s
sys     0m0.008s

And at the same time, I queried the server directly, from the server running 
haproxy again:
2.) time printf "GET / HTTP/1.1\r\nhost: www.foo.de\r\nConnection: 
close\r\nCookie: -\r\n\r\n" | nc -v 192.168.70.43 80 &>/dev/null
real    0m0.049s
user    0m0.000s
sys     0m0.004s

Nr. 1.)  always had the lag, Nr. 2.) was always slow, but it seemed to get 
slower, the more connections were open.. After switching the NAT from haproxy 
to the host directly, the query times are in the range of #2 again. It seems, 
that after a specific limit is reached by haproxy, the connections get slower 
and slower. 

It might also be a linux kernel setting but, any hint would be much 
appreciated...

Best regards,
Craig



My config:

############# haproxy.cfg
global
user haproxy
group haproxy
maxconn 75000
ulimit-n 192000

log 127.0.0.1 local0

defaults
        timeout client 300s
        timeout server 300s
        timeout queue 60s
        timeout connect 7s
        timeout http-request 10s

backend backend_btg
mode http
balance hdr(X-Forwarded-For)
option redispatch
option httpchk HEAD / HTTP/1.1\r\nHost:\ www.foo.de
server Sxxx 192.168.71.43:80 weight 100 maxconn 16384 check inter 10000 fall 2 
rise 2

frontend frontend_btg
bind 0.0.0.0:8085
mode http
option httplog
reqidel ^X-Forwarded-For:.*
option forwardfor except 192.168.97.11
log 127.0.0.1 local0
capture request header Host len 192
timeout client 1m

acl request_btgdomain hdr_reg(host) -i (^|\.)foo\.de

acl redirect1           url_beg         /1
acl redirect2           url_beg         /2
acl redirect3           url_beg         /3
acl redirect4           url_beg         /4
acl redirect5           url_beg         /5
acl forum_request       hdr_dom(host)   -i forum.foo.de

acl forum_allow_bt1     src             193.17.232.0/24
acl forum_allow_bt2     src             193.17.236.0/24
acl forum_allow_bt3     src             193.17.243.0/24
acl forum_allow_bt4     src             193.17.244.0/24

redirect location https://www.foo.de/1 if redirect1 request_btgdomain
redirect location https://www.foo.de/2 if redirect2 request_btgdomain
redirect location https://www.foo.de/3 if redirect3 request_btgdomain
redirect location https://www.foo.de/4 if redirect4 request_btgdomain
redirect location https://www.foo.de/5 if redirect5 request_btgdomain

default_backend backend_btg


################################################################################################
###### sysctl -a output:

kernel.sched_rt_period_us = 1000000
kernel.sched_rt_runtime_us = 950000
kernel.sched_compat_yield = 0
kernel.panic = 0
kernel.core_uses_pid = 0
kernel.core_pattern = core
kernel.tainted = 0
kernel.print-fatal-signals = 0
kernel.ctrl-alt-del = 0
kernel.modprobe = /sbin/modprobe
kernel.hotplug = 
kernel.sg-big-buff = 32768
kernel.cad_pid = 1
kernel.threads-max = 274432
kernel.random.poolsize = 4096
kernel.random.entropy_avail = 130
kernel.random.read_wakeup_threshold = 64
kernel.random.write_wakeup_threshold = 128
kernel.overflowuid = 65534
kernel.overflowgid = 65534
kernel.pid_max = 32768
kernel.panic_on_oops = 0
kernel.printk = 1       4       1       7
kernel.printk_ratelimit = 5
kernel.printk_ratelimit_burst = 10
kernel.ngroups_max = 65536
kernel.unknown_nmi_panic = 0
kernel.nmi_watchdog = 0
kernel.panic_on_unrecovered_nmi = 0
kernel.bootloader_type = 113
kernel.kstack_depth_to_print = 12
kernel.io_delay_type = 0
kernel.randomize_va_space = 1
kernel.acpi_video_flags = 0
kernel.compat-log = 1
kernel.max_lock_depth = 1024
kernel.poweroff_cmd = /sbin/poweroff
kernel.scan_unevictable_pages = 0
kernel.vsyscall64 = 1
kernel.ostype = Linux
kernel.osrelease = 2.6.29-gentoo-r3
kernel.version = #2 SMP Tue May 11 19:55:13 CEST 2010
kernel.hostname = N111
kernel.domainname = (none)
kernel.shmmax = 33554432
kernel.shmall = 2097152
kernel.shmmni = 4096
kernel.msgmax = 8192
kernel.msgmni = 32103
kernel.msgmnb = 16384
kernel.sem = 250        32000   32      128
kernel.auto_msgmni = 1
kernel.pty.max = 4096
kernel.pty.nr = 281
vm.overcommit_memory = 0
vm.panic_on_oom = 0
vm.oom_kill_allocating_task = 0
vm.oom_dump_tasks = 0
vm.overcommit_ratio = 50
vm.page-cluster = 3
vm.dirty_background_ratio = 5
vm.dirty_background_bytes = 0
vm.dirty_ratio = 10
vm.dirty_bytes = 0
vm.dirty_writeback_centisecs = 500
vm.dirty_expire_centisecs = 3000
vm.nr_pdflush_threads = 2
vm.swappiness = 60
vm.nr_hugepages = 0
vm.hugetlb_shm_group = 0
vm.hugepages_treat_as_movable = 0
vm.nr_overcommit_hugepages = 0
vm.lowmem_reserve_ratio = 256   256     32
vm.drop_caches = 0
vm.min_free_kbytes = 16262
vm.percpu_pagelist_fraction = 0
vm.max_map_count = 65536
vm.laptop_mode = 0
vm.block_dump = 0
vm.vfs_cache_pressure = 100
vm.legacy_va_layout = 0
vm.stat_interval = 1
fs.inode-nr = 315224    60707
fs.inode-state = 315224 60707   0       0       0       0       0
fs.file-nr = 928        0       1587214
fs.file-max = 1587214
fs.nr_open = 1048576
fs.dentry-state = 421895        413172  45      0       0       0
fs.overflowuid = 65534
fs.overflowgid = 65534
fs.leases-enable = 1
fs.dir-notify-enable = 1
fs.lease-break-time = 45
fs.aio-nr = 0
fs.aio-max-nr = 65536
fs.inotify.max_user_instances = 128
fs.inotify.max_user_watches = 8192
fs.inotify.max_queued_events = 16384
fs.epoll.max_user_watches = 3366297
fs.suid_dumpable = 0
error: "Invalid argument" reading key "fs.binfmt_misc.register"
fs.binfmt_misc.status = enabled
fs.mqueue.queues_max = 256
fs.mqueue.msg_max = 10
fs.mqueue.msgsize_max = 8192
debug.exception-trace = 1
dev.scsi.logging_level = 0
dev.cdrom.info = CD-ROM information, Id: cdrom.c 3.20 2003/12/17
dev.cdrom.info = 
dev.cdrom.info = drive name:            sr0
dev.cdrom.info = drive speed:           24
dev.cdrom.info = drive # of slots:      1
dev.cdrom.info = Can close tray:                1
dev.cdrom.info = Can open tray:         1
dev.cdrom.info = Can lock tray:         1
dev.cdrom.info = Can change speed:      1
dev.cdrom.info = Can select disk:       0
dev.cdrom.info = Can read multisession: 1
dev.cdrom.info = Can read MCN:          1
dev.cdrom.info = Reports media changed: 1
dev.cdrom.info = Can play audio:                1
dev.cdrom.info = Can write CD-R:                0
dev.cdrom.info = Can write CD-RW:       0
dev.cdrom.info = Can read DVD:          1
dev.cdrom.info = Can write DVD-R:       0
dev.cdrom.info = Can write DVD-RAM:     0
dev.cdrom.info = Can read MRW:          1
dev.cdrom.info = Can write MRW:         1
dev.cdrom.info = Can write RAM:         1
dev.cdrom.info = 
dev.cdrom.info = 
dev.cdrom.autoclose = 1
dev.cdrom.autoeject = 0
dev.cdrom.debug = 0
dev.cdrom.lock = 1
dev.cdrom.check_media = 0
net.core.somaxconn = 40960
net.core.xfrm_aevent_etime = 10
net.core.xfrm_aevent_rseqth = 2
net.core.xfrm_larval_drop = 1
net.core.xfrm_acq_expires = 30
net.core.wmem_max = 131071
net.core.rmem_max = 131071
net.core.wmem_default = 122880
net.core.rmem_default = 122880
net.core.dev_weight = 64
net.core.netdev_max_backlog = 1000
net.core.message_cost = 5
net.core.message_burst = 10
net.core.optmem_max = 20480
net.core.netdev_budget = 300
net.core.warnings = 1
net.ipv4.route.gc_thresh = 524288
net.ipv4.route.max_size = 8388608
net.ipv4.route.gc_min_interval = 0
net.ipv4.route.gc_min_interval_ms = 500
net.ipv4.route.gc_timeout = 300
net.ipv4.route.gc_interval = 60
net.ipv4.route.redirect_load = 5
net.ipv4.route.redirect_number = 9
net.ipv4.route.redirect_silence = 5120
net.ipv4.route.error_cost = 250
net.ipv4.route.error_burst = 1250
net.ipv4.route.gc_elasticity = 8
net.ipv4.route.mtu_expires = 600
net.ipv4.route.min_pmtu = 552
net.ipv4.route.min_adv_mss = 256
net.ipv4.route.secret_interval = 600
error: permission denied on key 'net.ipv4.route.flush'
net.ipv4.neigh.default.mcast_solicit = 3
net.ipv4.neigh.default.ucast_solicit = 3
net.ipv4.neigh.default.app_solicit = 0
net.ipv4.neigh.default.retrans_time = 100
net.ipv4.neigh.default.base_reachable_time = 30
net.ipv4.neigh.default.delay_first_probe_time = 5
net.ipv4.neigh.default.gc_stale_time = 60
net.ipv4.neigh.default.unres_qlen = 3
net.ipv4.neigh.default.proxy_qlen = 64
net.ipv4.neigh.default.anycast_delay = 100
net.ipv4.neigh.default.proxy_delay = 80
net.ipv4.neigh.default.locktime = 100
net.ipv4.neigh.default.retrans_time_ms = 1000
net.ipv4.neigh.default.base_reachable_time_ms = 30000
net.ipv4.neigh.default.gc_interval = 30
net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh3 = 1024
net.ipv4.neigh.lo.mcast_solicit = 3
net.ipv4.neigh.lo.ucast_solicit = 3
net.ipv4.neigh.lo.app_solicit = 0
net.ipv4.neigh.lo.retrans_time = 100
net.ipv4.neigh.lo.base_reachable_time = 30
net.ipv4.neigh.lo.delay_first_probe_time = 5
net.ipv4.neigh.lo.gc_stale_time = 60
net.ipv4.neigh.lo.unres_qlen = 3
net.ipv4.neigh.lo.proxy_qlen = 64
net.ipv4.neigh.lo.anycast_delay = 100
net.ipv4.neigh.lo.proxy_delay = 80
net.ipv4.neigh.lo.locktime = 100
net.ipv4.neigh.lo.retrans_time_ms = 1000
net.ipv4.neigh.lo.base_reachable_time_ms = 30000
net.ipv4.neigh.eth0.mcast_solicit = 3
net.ipv4.neigh.eth0.ucast_solicit = 3
net.ipv4.neigh.eth0.app_solicit = 0
net.ipv4.neigh.eth0.retrans_time = 100
net.ipv4.neigh.eth0.base_reachable_time = 30
net.ipv4.neigh.eth0.delay_first_probe_time = 5
net.ipv4.neigh.eth0.gc_stale_time = 60
net.ipv4.neigh.eth0.unres_qlen = 3
net.ipv4.neigh.eth0.proxy_qlen = 64
net.ipv4.neigh.eth0.anycast_delay = 100
net.ipv4.neigh.eth0.proxy_delay = 80
net.ipv4.neigh.eth0.locktime = 100
net.ipv4.neigh.eth0.retrans_time_ms = 1000
net.ipv4.neigh.eth0.base_reachable_time_ms = 30000
net.ipv4.neigh.eth1.mcast_solicit = 3
net.ipv4.neigh.eth1.ucast_solicit = 3
net.ipv4.neigh.eth1.app_solicit = 0
net.ipv4.neigh.eth1.retrans_time = 100
net.ipv4.neigh.eth1.base_reachable_time = 30
net.ipv4.neigh.eth1.delay_first_probe_time = 5
net.ipv4.neigh.eth1.gc_stale_time = 60
net.ipv4.neigh.eth1.unres_qlen = 3
net.ipv4.neigh.eth1.proxy_qlen = 64
net.ipv4.neigh.eth1.anycast_delay = 100
net.ipv4.neigh.eth1.proxy_delay = 80
net.ipv4.neigh.eth1.locktime = 100
net.ipv4.neigh.eth1.retrans_time_ms = 1000
net.ipv4.neigh.eth1.base_reachable_time_ms = 30000
net.ipv4.neigh.bond0.mcast_solicit = 3
net.ipv4.neigh.bond0.ucast_solicit = 3
net.ipv4.neigh.bond0.app_solicit = 0
net.ipv4.neigh.bond0.retrans_time = 100
net.ipv4.neigh.bond0.base_reachable_time = 30
net.ipv4.neigh.bond0.delay_first_probe_time = 5
net.ipv4.neigh.bond0.gc_stale_time = 60
net.ipv4.neigh.bond0.unres_qlen = 3
net.ipv4.neigh.bond0.proxy_qlen = 64
net.ipv4.neigh.bond0.anycast_delay = 100
net.ipv4.neigh.bond0.proxy_delay = 80
net.ipv4.neigh.bond0.locktime = 100
net.ipv4.neigh.bond0.retrans_time_ms = 1000
net.ipv4.neigh.bond0.base_reachable_time_ms = 30000
net.ipv4.netfilter.ip_conntrack_generic_timeout = 600
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_retrans_collapse = 1
net.ipv4.ip_default_ttl = 64
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.ip_nonlocal_bind = 0
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_max_orphans = 65536
net.ipv4.tcp_max_tw_buckets = 180000
net.ipv4.ip_dynaddr = 0
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_stdurg = 0
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.ip_local_port_range = 10001    65535
net.ipv4.igmp_max_memberships = 20
net.ipv4.igmp_max_msf = 10
net.ipv4.inet_peer_threshold = 65664
net.ipv4.inet_peer_minttl = 120
net.ipv4.inet_peer_maxttl = 600
net.ipv4.inet_peer_gc_mintime = 10
net.ipv4.inet_peer_gc_maxtime = 120
net.ipv4.tcp_orphan_retries = 0
net.ipv4.tcp_fack = 1
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_ecn = 0
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_mem = 1540896      2054528 3081792
net.ipv4.tcp_wmem = 4096        16384   4194304
net.ipv4.tcp_rmem = 4096        87380   4194304
net.ipv4.tcp_app_win = 31
net.ipv4.tcp_adv_win_scale = 2
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_frto = 2
net.ipv4.tcp_frto_response = 0
net.ipv4.tcp_low_latency = 0
net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_tso_win_divisor = 3
net.ipv4.tcp_congestion_control = cubic
net.ipv4.tcp_abc = 0
net.ipv4.tcp_mtu_probing = 0
net.ipv4.tcp_base_mss = 512
net.ipv4.tcp_workaround_signed_windows = 0
net.ipv4.tcp_dma_copybreak = 4096
net.ipv4.tcp_slow_start_after_idle = 1
net.ipv4.tcp_available_congestion_control = cubic reno
net.ipv4.tcp_allowed_congestion_control = cubic reno
net.ipv4.tcp_max_ssthresh = 0
net.ipv4.udp_mem = 1540896      2054528 3081792
net.ipv4.udp_rmem_min = 4096
net.ipv4.udp_wmem_min = 4096
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.shared_media = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.proxy_arp = 0
net.ipv4.conf.all.medium_id = 0
net.ipv4.conf.all.bootp_relay = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.tag = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.disable_xfrm = 0
net.ipv4.conf.all.disable_policy = 0
net.ipv4.conf.all.force_igmp_version = 0
net.ipv4.conf.all.promote_secondaries = 0
net.ipv4.conf.default.forwarding = 0
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.conf.default.shared_media = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.default.accept_source_route = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.default.medium_id = 0
net.ipv4.conf.default.bootp_relay = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.tag = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_accept = 0
net.ipv4.conf.default.disable_xfrm = 0
net.ipv4.conf.default.disable_policy = 0
net.ipv4.conf.default.force_igmp_version = 0
net.ipv4.conf.default.promote_secondaries = 0
net.ipv4.conf.lo.forwarding = 0
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.lo.secure_redirects = 1
net.ipv4.conf.lo.shared_media = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.lo.send_redirects = 1
net.ipv4.conf.lo.accept_source_route = 1
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.lo.medium_id = 0
net.ipv4.conf.lo.bootp_relay = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.lo.tag = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_accept = 0
net.ipv4.conf.lo.disable_xfrm = 1
net.ipv4.conf.lo.disable_policy = 1
net.ipv4.conf.lo.force_igmp_version = 0
net.ipv4.conf.lo.promote_secondaries = 0
net.ipv4.conf.eth0.forwarding = 0
net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth0.accept_redirects = 1
net.ipv4.conf.eth0.secure_redirects = 1
net.ipv4.conf.eth0.shared_media = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.eth0.send_redirects = 1
net.ipv4.conf.eth0.accept_source_route = 1
net.ipv4.conf.eth0.proxy_arp = 0
net.ipv4.conf.eth0.medium_id = 0
net.ipv4.conf.eth0.bootp_relay = 0
net.ipv4.conf.eth0.log_martians = 0
net.ipv4.conf.eth0.tag = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_accept = 0
net.ipv4.conf.eth0.disable_xfrm = 0
net.ipv4.conf.eth0.disable_policy = 0
net.ipv4.conf.eth0.force_igmp_version = 0
net.ipv4.conf.eth0.promote_secondaries = 0
net.ipv4.conf.eth1.forwarding = 0
net.ipv4.conf.eth1.mc_forwarding = 0
net.ipv4.conf.eth1.accept_redirects = 1
net.ipv4.conf.eth1.secure_redirects = 1
net.ipv4.conf.eth1.shared_media = 1
net.ipv4.conf.eth1.rp_filter = 1
net.ipv4.conf.eth1.send_redirects = 1
net.ipv4.conf.eth1.accept_source_route = 1
net.ipv4.conf.eth1.proxy_arp = 0
net.ipv4.conf.eth1.medium_id = 0
net.ipv4.conf.eth1.bootp_relay = 0
net.ipv4.conf.eth1.log_martians = 0
net.ipv4.conf.eth1.tag = 0
net.ipv4.conf.eth1.arp_filter = 0
net.ipv4.conf.eth1.arp_announce = 0
net.ipv4.conf.eth1.arp_ignore = 0
net.ipv4.conf.eth1.arp_accept = 0
net.ipv4.conf.eth1.disable_xfrm = 0
net.ipv4.conf.eth1.disable_policy = 0
net.ipv4.conf.eth1.force_igmp_version = 0
net.ipv4.conf.eth1.promote_secondaries = 0
net.ipv4.conf.bond0.forwarding = 0
net.ipv4.conf.bond0.mc_forwarding = 0
net.ipv4.conf.bond0.accept_redirects = 1
net.ipv4.conf.bond0.secure_redirects = 1
net.ipv4.conf.bond0.shared_media = 1
net.ipv4.conf.bond0.rp_filter = 1
net.ipv4.conf.bond0.send_redirects = 1
net.ipv4.conf.bond0.accept_source_route = 1
net.ipv4.conf.bond0.proxy_arp = 0
net.ipv4.conf.bond0.medium_id = 0
net.ipv4.conf.bond0.bootp_relay = 0
net.ipv4.conf.bond0.log_martians = 0
net.ipv4.conf.bond0.tag = 0
net.ipv4.conf.bond0.arp_filter = 0
net.ipv4.conf.bond0.arp_announce = 0
net.ipv4.conf.bond0.arp_ignore = 0
net.ipv4.conf.bond0.arp_accept = 0
net.ipv4.conf.bond0.disable_xfrm = 0
net.ipv4.conf.bond0.disable_policy = 0
net.ipv4.conf.bond0.force_igmp_version = 0
net.ipv4.conf.bond0.promote_secondaries = 0
net.ipv4.ip_forward = 0
net.ipv4.ipfrag_high_thresh = 262144
net.ipv4.ipfrag_low_thresh = 196608
net.ipv4.ipfrag_time = 30
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.icmp_errors_use_inbound_ifaddr = 0
net.ipv4.icmp_ratelimit = 1000
net.ipv4.icmp_ratemask = 6168
net.ipv4.rt_cache_rebuild_count = 4
net.ipv4.ipfrag_secret_interval = 600
net.ipv4.ipfrag_max_dist = 64
net.netfilter.nf_conntrack_generic_timeout = 600
net.netfilter.nf_conntrack_acct = 1
net.netfilter.nf_conntrack_max = 327680
net.netfilter.nf_conntrack_count = 0
net.netfilter.nf_conntrack_buckets = 16384
net.netfilter.nf_conntrack_checksum = 1
net.netfilter.nf_conntrack_log_invalid = 0
net.netfilter.nf_conntrack_expect_max = 256
net.nf_conntrack_max = 327680
net.unix.max_dgram_qlen = 10
abi.vsyscall32 = 2

haproxy bug or wrong kernel settings?

Reply via email to