haproxy & linux firewall (netfilter)

From: Krzysztof Oledzki <ole#ans.pl>
Date: Sat, 20 Oct 2007 00:21:49 +0200 (CEST)


Hello,

This is maybe not strictly haproxy related but I believe that it is worth noting that recently there were two quite important fixes that can dramatically improve performance of haproxy installed on a linux server with conntrack enabled, especially on the most recent kernels (2.6.22+?) that have the tcp port randomisation feature implemented:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=17311393f969090ab060540bd9dbe7dc885a76d5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bc34b841556aad437baf4199744e55500bfa2088

If any of you are interested, there is a full thread describing the problem:
http://marc.info/?t=119081130100010&r=2&w=4
http://marc.info/?t=119081130100010&r=1&w=4

If you are using the latest haproxy release (1.3.13) please check your statistics. If there are many retries not justified by a low capacity of your servers, it is quite likely that this problem is caused by the bug in the netfilter code.

Those patches are going to be sent to the stable-team to be included in the next releases (I hope) but even now it is possible to use them with 2.6.22+ kernels:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=17311393f969090ab060540bd9dbe7dc885a76d5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=bc34b841556aad437baf4199744e55500bfa2088

Best regards,

Krzysztof Olędzki

Received on 2007/10/20 00:21
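A small script to surface the retry statistics the message asks readers to check, added here as an example (it is not part of the original post or of HAProxy itself): it parses `show stat` CSV output by column name and flags servers whose retries-to-sessions ratio exceeds a threshold. The sample CSV below is constructed; the column names `wretr` (connection retries) and `stot` (total sessions) are those of the HAProxy stats CSV header, and the 5% threshold is an assumption to tune per site.

```python
import csv
import io

# Constructed sample of HAProxy "show stat" CSV output (not real data).
# Only pxname, svname, stot and wretr are used; they are looked up by
# header name so the script does not depend on column positions.
SAMPLE_STATS = """# pxname,svname,qcur,qmax,scur,smax,slim,stot,bin,bout,dreq,dresp,ereq,econ,eresp,wretr,wredis,status,weight,act,bck,chkfail,chkdown,lastchg,downtime,qlimit,pid,iid,sid,throttle,lbtot,tracked,type,rate,rate_lim,rate_max,
web,FRONTEND,,,3,40,2000,12000,5000000,90000000,0,0,12,,,,,OPEN,,,,,,,,,1,1,0,,,,0,10,0,50,
web,srv1,0,2,1,20,,6000,2500000,45000000,,0,,0,0,900,3,UP,1,1,0,0,0,1000,0,,1,1,1,,6000,,2,5,,25,
web,srv2,0,1,1,20,,6000,2500000,45000000,,0,,0,0,12,0,UP,1,1,0,0,0,1000,0,,1,1,2,,6000,,2,5,,25,
web,BACKEND,0,2,2,40,200,12000,5000000,90000000,0,0,,0,0,912,3,UP,2,2,0,,0,1000,0,,1,1,0,,12000,,1,10,,50,
"""


def retry_ratios(stats_csv, threshold=0.05):
    """Return [(proxy, server, retries, sessions, ratio)] for every real
    server whose wretr/stot ratio exceeds `threshold` (assumed default 5%).

    A server with many retries while its peers on the same hardware show
    few is the pattern the message describes: worth checking the host's
    conntrack/kernel version rather than blaming server capacity."""
    text = stats_csv.lstrip("# ")  # the header line starts with "# "
    reader = csv.DictReader(io.StringIO(text))
    flagged = []
    for row in reader:
        # FRONTEND/BACKEND rows are aggregates; only per-server rows matter
        if row.get("svname") in ("FRONTEND", "BACKEND"):
            continue
        sessions = int(row.get("stot") or 0)
        retries = int(row.get("wretr") or 0)
        if sessions == 0:  # idle server: no ratio to compute
            continue
        ratio = retries / sessions
        if ratio > threshold:
            flagged.append((row["pxname"], row["svname"], retries,
                            sessions, round(ratio, 4)))
    return flagged


if __name__ == "__main__":
    for pxname, svname, retries, sessions, ratio in retry_ratios(SAMPLE_STATS):
        print(f"{pxname}/{svname}: {retries} retries over {sessions} "
              f"sessions ({ratio:.1%})")
```

On a live system the same function can be fed the output of `show stat` obtained from the stats socket or the `;csv` stats URL.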
