barrywong wrote: > yes > > my firewall VIP display tcp connect is 9454 > > but ipvsadm -Ln VIP Total is 7078+7125 more than firewall connect > > TCP xxx.xxx.xxx.xxx:80 wlc persistent 120 > -> xxx.xxx.xxx.xx1:80 Route 1 7078 4140 > -> xxx.xxx.xxx.xx2:80 Route 1 7125 5822 > > how can i do ? > I guess your issue is that the persistance is low compared to your usage. I've had similar numbers with a mysql setup. Basically, there was hundreds of very-long-lasting connections, but that weren't doing much of traffic, with sometimes pausing for hours. They would disappear from the LVS status but still be visible on the client and the server as CONNECTED.
It's not really a big issue. Usually server affinity make the resuming packets being directed to the same server so the connection can still be used. If it wasn't the case, there is enough code on the client side to re-establish a new connection if that one was to fail. You'll still have to face a problem with the server side connections that will be lingering in a limbo state. I would consider setting some sort of timeout on that side. I'm not 100% sure, but you're real server are running squid on port 80 correct. If so, please have a look there http://www.squid-cache.org/Versions/v3/3.0/cfgman/read_timeout.html and probably shorten it (or extend your LVS persistance to that value with ipvsadm --set ) Cheers -- Thomas _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
