Am 24.08.2012 16:17, schrieb sridhar basam: > time_waits are normal part of the tcp teardown process.
as i said > If you are an very busy site and if the > connection rate at the origins is high enough, even with keepalive, i > would try the the 2nd set of sysctl changes before the tcp_tw_reuse > one as a last resort. ona REALLY busy server and under DDOS you will need both and the scond set even with lower values if this is only a http server > On Fri, Aug 24, 2012 at 5:12 AM, Reindl Harald <[email protected]> wrote: >> >> >> Am 24.08.2012 11:06, schrieb Andrew Ashcroft: >> >>> We’re seeing a lot of TCP connections in time_wait on our origin servers >>> and it’s beginning to effect the >>> performance of the site. >> >> TIME_WAIT is from the view of the application a closd connection >> http://developerweb.net/viewtopic.php?id=2941 >> >> /etc/sysct.conf: >> net.ipv4.tcp_tw_reuse = 1 >> >> followed by "sysctl -p" may help here >> ________________________ >> >> you may also like these changes in busy servers >> >> net.ipv4.tcp_fin_timeout = 5 >> net.ipv4.tcp_retries1 = 6 >> net.ipv4.tcp_syn_retries = 6 >> net.ipv4.tcp_synack_retries = 2 >> net.ipv4.ip_local_port_range = 2000 65535 >> net.ipv4.tcp_slow_start_after_idle = 0 >> >> >> -- Reindl Harald the lounge interactive design GmbH A-1060 Vienna, Hofmühlgasse 17 CTO / CISO / Software-Development p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40 icq: 154546673, http://www.thelounge.net/ http://www.thelounge.net/signature.asc.what.htm
signature.asc
Description: OpenPGP digital signature
