Hello Roland, On Tue, Jan 28, 2014 at 05:21:48PM +0100, pechspilz wrote: > Hello Willy, > > Thank you for your input. After you mentioned the potential "999 limit" > I found out that uname -n showed a value of 1024. I increased the value > to 200000 and thought that this would be enough to tackle the problem. > It wasn't. The problem returned two days later. However, now it's the Tc > that's always -1, not the Tw.
OK. > Once it happens, the phenomenon goes on forever (I truncated the log > output) until I restart haproxy. I filtered the log file so it only > shows the output of the affected proxy. All other proxies are not > affected once it happens, it's just this one. I will capture the tcpdump > next time it happens. There's something disturbing again in this capture. I'm seeing that the affected server takes almost no traffic, implying that all the connections are used by the other ones. One possible reason for the trouble could be a shortage of outgoing connections on a firewall between haproxy and the server (eg: the local iptables firewall being misconfigured, or another firewall in the middle which doesn't like to get more than a certain number of connections. By the way, is it the only TCP proxy or are other proxies working well in TCP mode ? Generally speaking, your config looks fine to me and should not be responsible for your issues. The output of "show info" and "show sess" issued to the stats socket could be helpful. We'd see there if some connections remain there forever, etc... Be careful, this can be long and reveal internal information. If that's an issue, you can send them to me off-list. There's a more detailed "show sess all" which provides a more complete dump of the session table with flags, states, etc. If you're willing to pull the latest git code, or to wait for tomorrow to retrieve the latest snapshot which adds significantly more information, such as current connection counts and the memory pools states. Thanks, Willy
