[lvs-users] TCP timeout and established connections in DR mode

Abhijeet Rastogi abhijeet.1989 at gmail.com
Sat May 2 02:38:04 BST 2020


Hi everyone,

Considering that IPVS is in DR mode with persistence disabled completely
and the client and real servers are configured to handle long-lived HTTP
connections (>15min). I understand that the default TCP timeout is 15min
but I'm confused about the impact of this timeout on already active
established connections even when the timer value hits.

For example, with default value 15min, will the existing connection be simply
dropped or do we keep the connection table for that 5-tuple intact?

   - If the connection is simply dropped, are there any signals to look for
   in terms of finding out how widespread it is?
   - If we keep the connection table entry, what's the new policy on this
   existing connection? (Note: persistence is disabled, as I'm aware that
   there's a 60s timer which reactivates the connection template)
      - If this is true, should we keep TCP timeouts on production servers
      less than 15min to ensure we're protected in terms of some
      sort of abuse?

Help is greatly appreciated.

Cheers,
Abhijeet (https://abhi.host)

