tcp ESTABLISHED in http-keep-alive mode is as twice as tunnel mode.

Fri, 17 Jan 2014 19:27:33 -0800 

Hi, all!


I was confused when we use haproxy and option http-kee-alive, the
established is as twice as tunnel. But other tcp status stayed the
same level.

#the tunnel mode
LISTEN 5
FIN_WAIT_1 325
FIN_WAIT_2 254
SYN_SENT 49
LAST_ACK 399
CLOSING 16
CLOSE_WAIT 70
CLOSED 247
SYN_RCVD 13
TIME_WAIT 338
ESTABLISHED 5797

#the http-keep-alived mode.
LISTEN 5
FIN_WAIT_1 166
FIN_WAIT_2 426
SYN_SENT 103
LAST_ACK 819
CLOSING 5
CLOSE_WAIT 137
CLOSED 410
SYN_RCVD 24
TIME_WAIT 346
ESTABLISHED 10019


And the configure we use

#2013##############
global
        log 192.168.149.1:10602 local4  info
        pidfile /var/run/haproxy.pid
        maxconn 100000
        maxpipes 50000
        daemon
        stats socket /tmp/haproxy.sock mode 755 level admin
        nbproc 1
        spread-checks 5
        tune.rcvbuf.client 16384
        tune.rcvbuf.server 32768
        tune.sndbuf.client 65536
        tune.sndbuf.server 16384
        node haproxy

defaults
 #TCP SECTION
        maxconn 200000
        backlog 32768
        timeout connect 10s
        timeout client 60s
        timeout server 60s
        timeout queue 30s
        timeout check 5s
        timeout http-request 5s
        timeout http-keep-alive 10s
        timeout tunnel 3600s


 #HTTP SECTION
        option accept-invalid-http-request
        option accept-invalid-http-response
        option redispatch
        retries 2
        option httplog
        no option checkcache
option http-keep-alive


 #SYSTEM SECTION
        option dontlog-normal
        option dontlognull
        option log-separate-errors


######### frontend ##############
frontend tcp-in-tos02
        bind :2001 mss 1360 transparent
        mode tcp
        log global
        option tcplog
no option http-keep-alive
no option accept-invalid-http-request

        #distingush HTTP and non-HTTP
        tcp-request inspect-delay 60s
        tcp-request content accept if HTTP

acl check_SquidCluster-tos02 nbsrv(SquidCluster-tos02) 0

        #ACTION
        use_backend Direct if !HTTP
        use_backend SquidCluster-tos02 if !check_SquidCluster-tos02
        default_backend Direct


backend SquidCluster-tos02
        mode http
        option forwardfor header X-Client
        balance hdr(Host)
        source 0.0.0.0
        option httpchk GET http://www.yahoo.com

        server sq-L1-n1a 192.168.138.1:3001 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n1b 192.168.138.1:3002 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n1c 192.168.138.1:3003 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n2a 192.168.138.2:3001 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n2b 192.168.138.2:3002 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n3a 192.168.138.3:3001 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n3b 192.168.138.3:3002 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n3c 192.168.138.3:3003 weight 20 check inter 5s
maxconn 10000
        server sq-L1-n3d 192.168.138.3:3004 weight 20 check inter 5s
maxconn 10000


backend Direct
        mode tcp
        log global
        option tcplog
no option http-keep-alive
        no option httpclose
        no option http-server-close
        no option accept-invalid-http-response
        no option http-pretend-keepalive
        source 0.0.0.0 usesrc clientip
        option transparent


Can any one help me to explain this ?

Reply via email to