On Thu, Oct 10, 2013 at 03:57:37PM -0400, Andy M. wrote: > Thanks for the response pelle, > > The haproxy box is running at about 10-15% cpu. > > Looking at the TCP Dump, it seems the client is doing 1 or more > TCP_Retransmissions of the incoming request when there is a delay. Anyone > know why this would happen?
When you say "the incoming request", you mean the SYN packet, right ? If so, that means the backlog is full. > Here is the requested information: > root@haproxy:~# sysctl net.core.somaxconn > net.core.somaxconn = 128 This is far too low or 20k CPS. You fill it in 6 ms at 20k CPS. Try increasing it to 1024 to see how things go. > root@haproxy:~# sysctl net.ipv4.tcp_max_syn_backlog > net.ipv4.tcp_max_syn_backlog = 2048 In practice, I'm used to increase somaxconn to ~10000 and max_syn_backlog to ~20000, but it's a bit more tricky as you don't want somaxconn to be larger than haproxy's listen queue, otherwise the system will disable SYN cookies. In practice, 1024 should already be OK (about 51ms to fill it). > I removed the tcp_tw_recycle, but this did not change anything OK. If things do not improve with the settings above, you'll have to check if you're running netfilter and to see if your contrack table is never full : # dmesg | grep -i full You also need to check if your network card or driver is not dropping packets : # netstat -i Regards, Willy
