lots of connections stay in FIN_WAIT2 and CLOSE_WAIT

Sat, 13 Jul 2013 19:31:57 -0700 

Hi all,


We have a haproxy for our web service. We forward the tcp port 80 traffic to 
haproxy. And if it's not the http traffic we send it to the Internet use the 
option transparent. Here is the configure.


###############
global
       pidfile /var/run/haproxy.pid
       maxconn 200000
        maxpipes 50000
       daemon
       stats socket /tmp/haproxy.sock
       nbproc 4
       spread-checks 5
        tune.rcvbuf.client 16384
        tune.rcvbuf.server 16384
        tune.sndbuf.client 32768
       tune.sndbuf.server 16384

defaults
#TCP SECTION
       maxconn 200000
        backlog 32768
       timeout connect 5s
       timeout client 60s
       timeout server 60s
       timeout queue 60s
       timeout check 10s
       timeout http-request 15s
       timeout http-keep-alive 1s
        timeout tunnel 3600s
       option tcpka


#HTTP SECTION
       hash-type consistent
       option accept-invalid-http-request
       option accept-invalid-http-response
       option redispatch
       option http-server-close
       option http-pretend-keepalive
       retries 2
       option httplog
        no option checkcache

#SYSTEM SECTION
       option dontlog-normal
       option dontlognull
       option log-separate-errors
        

######### frontend ##############
frontend tcp-in
       bind :2222 
       mode tcp
       log global
        option tcplog

        tcp-request inspect-delay 30s
        tcp-request content accept if HTTP

        use_backend NginxCluster if HTTP 
       default_backend Direct

backend NginxCluster
       mode http
       option abortonclose
       balance uri whole
       log global
       source 0.0.0.0
       server ngx1 192.168.10.1:80 weight 20 check inter 5s maxconn 10000
       server ngx2 192.168.10.2:80 weight 20 check inter 5s maxconn 10000
       server ngx3 192.168.10.3:80 weight 20 check inter 5s maxconn 10000

backend Direct
       mode tcp
       log global
        option tcplog
        no option httpclose
        no option http-server-close
        no option accept-invalid-http-response
        no option http-pretend-keepalive
        option transparent

And it works as we expected.But there are lots of connection, one is the  
connections between client side and the haproxy which stay in FIN_WAIT2. The 
other is the server side the backend Direct connections to the internet which 
stays in CLOSE_WAIT.Here is the connection. Here is the connection state i get. 
And my traffic is about 200Mbps.
OS: ubuntu 13.04
Memory: 8G
Processor:AMD 2380 X 2 

FIN_WAIT2 18532 #almost all the client to haproxy.
CLOSING 7
LISTEN 12
SYN_RECV 21
CLOSE_WAIT 17674 # almost all the haproxy to the internet.
TIME_WAIT 6403
ESTABLISHED 51495
LAST_ACK 143
SYN_SENT 25
FIN_WAIT1 220

And here is the topological.

                        client
                                |
                                |
                                |
                                |
                                |
                                |
                        haproxy
                                |
                 _______|________
                |                                |
                |                                |
                |http traffic            |not http traffic
                |                                |to Internet outside
                nginx            Internet


Thanks for anyone can help.



Regards
Jinge







Regards
Jinge

Reply via email to