Dear list members. I hope you are not to angry that I ask a Linux network question here.
The reason is that on this list are also very experienced users about high traffic
and high performance setups. Cite from http://mailman.nginx.org/pipermail/nginx/2014-February/042148.html #### currently we have a huge traffic come up. ~500 r/s http://download.none.at/nginx_request-day.png ~3.5K active connections http://download.none.at/port_www-day.png http://download.none.at/nginx_combined.png The Peaks are the raw values from module status. ~1.1g b/s traffic http://download.none.at/if_eth2-day.png http://download.none.at/tcp-day.png I have tried to setup the machine for this traffic but it looks to me that was not successfully. HW: 24 CPUs Memory: 49381124k/52166656k available (7176k kernel code, 1897452k absent, 888080k reserved, 6067k data, 1016k init) OS: lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 12.04.4 LTS Release: 12.04 Codename: precise Nginx: /home/nginx/server/sbin/nginx -V nginx version: nginx/1.4.4 built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) TLS SNI support enabled configure arguments: --prefix=/home/nginx/server --with-debug --without-http_uwsgi_module --without-http_scgi_module --without-http_empty_gif_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --user=nginx --group=www-data --with-file-aio --without-http_ssi_module --with-http_secure_link_module --with-http_sub_module --with-http_spdy_module Conf: http://download.none.at/my_nginx.conf When I activate the aio, nginx and xfs crashes, that's why aio is not active. In one include file we have the following. #### location ~ recent { add_header Cache-Control "no-cache"; } #### sysctl -a http://download.none.at/sysctl.txt lsmod: http://download.none.at/lsmod.txt dmesg: http://download.none.at/dmesg.txt On this machine also runs a postgresql and php-fpm but the current traffic is from delivering of pictures from the file system. /dev/mapper/pada2_vg-pada2_lv on /home/<datadir> type xfs (rw,noatime,nodiratime,attr2,inode64,noquota) #### Here the second part of the question. cite from. http://mailman.nginx.org/pipermail/nginx/2014-February/042162.html ### I run nginx on the described HW & OS. I use https://github.com/munin-monitoring/contrib/blob/master/plugins/nginx/nginx-combined to get the statistics from stub_status_module. The call from nginx-combined_<IP-ALIAS> runs on the same machine as the nginx server. Due to this fact we have no external network traffic, just an ip alias call on eth2. Every time when I have more then ~400 r/s we get no data from the status-request, this request rate means ~20k Packets/Second. I use netfilter with fail2ban, but not the connection tracking module! I have now seen on the tcpdump that I get a 'RST' Package quite immediately after a request when the 'no answer from server' cames. I think this could be a kernel-network issue not a nginx issue. The question is: Please can you help me to find the reason for the immediately 'RST' answer. I hope my question is more clear now. ### Thanks for reading and patience. Aleks
