[lvs-users] [DSR] improve performance

Derick Fontes dbfontes at gmail.com
Mon Jun 11 01:11:20 BST 2018


Hello guys,

I'm looking for improvements for DSR balancing.

As for balancing I have nothing to complain about, it fulfills its role
perfectly. But I am suffering from high memory usage and at times high
usage of cpu.

I do not know if anyone has ever suffered from this, but I would like
suggestions on how to improve and get more performance.

I'm open to suggestions.

linux: CentOS release 6.9 (Final)
kernel: 4.4.128-1.el6.elrepo
piranha: 0.8.6-7.el6
ipvsadm: 1.26-4.el6


#free -m
             total       used       free     shared    buffers     cached
Mem:        128893     128298        595          0        133        586
-/+ buffers/cache:     127578       1315
Swap:         4095          0       4095


#lvs.cf
serial_no = 1
primary = 187.17.123.6
service = lvs
backup_active = 1
backup = 0.0.0.0
heartbeat = 1
heartbeat_port = 539
keepalive = 2
deadtime = 10
network = direct
debug_level = NONE

virtual XXX {
     active = 1
     address = XXX bondXX
     vip_nmask = 255.255.255.0
     port = 80
     persistent = 60
     pmask = 255.255.255.255
     send_program = "/opt/lvs/http_check.sh XXX 80 %h"
     expect = "0"
     load_monitor = none
     scheduler = wlc
     protocol = tcp
     timeout = 10
     reentry = 5
     quiesce_server = 1

server XXX {
 address = XXX
 active = 1
 weight = 3
 }
....


#iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp --icmp-type any -j ACCEPT

-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
....


#sysctl
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.forwarding = 0
net.ipv4.vs.expire_quiescent_template = 1
net.ipv4.vs.expire_nodest_conn = 1
net.nf_conntrack_max = 512000
net.ipv4.udp_rmem_min = 131072
net.ipv4.udp_wmem_min = 131072
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.ip_local_port_range = 1024 65535
net.core.somaxconn = 65535
net.ipv4.tcp_fin_timeout = 3
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_synack_retries = 2
net.netfilter.nf_conntrack_tcp_timeout_established = 3600
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 20
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 20
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 20
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 20
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 20
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent2 = 20
net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 20
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 20
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 20
net.ipv4.tcp_max_tw_buckets = 1440000
net.core.netdev_max_backlog = 200000
net.ipv4.udp_rmem_min = 16384
net.ipv4.tcp_wmem = 4096 87380 33554432
net.ipv4.tcp_rmem = 4096 87380 33554432
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 400000
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_ecn = 2
net.ipv4.tcp_fastopen = 3

---

Thanks


More information about the lvs-users mailing list