[lvs-users] TCP timeout and established connections in DR mode
Abhijeet Rastogi
abhijeet.1989 at gmail.com
Tue May 5 15:57:06 BST 2020
Hi everyone,
Since I couldn't find in documentation, help is appreciated on this one :)
Thanks in advance.
On Fri, May 1, 2020 at 6:38 PM Abhijeet Rastogi <abhijeet.1989 at gmail.com>
wrote:
> Hi everyone,
>
> Considering that IPVS is in DR mode with persistence disabled completely
> and the client and real servers are configured to handle long-lived HTTP
> connections (>15min). I understand that the default TCP timeout is 15min
> but t I'm confused about the impact of this timeout on already active
> established connections even when the timer value hits.
>
> For eg, with default value 15min, will the existing connection be simply
> dropped or do we keep the connection table for that 5-tuple intact?
>
> - If the connection is simply dropped, are there any signals to look
> for in terms of finding out how widespread it is?
> - If we keep the connection table entry, what's the new policy on this
> existing connection? (Note: persistence is disabled, as I'm aware that
> there's a 60s timer which reactivates the connection template)
> - If this is true, should we keep TCP timeouts on production
> servers lesser than 15min to ensure we're protected in terms of some sort
> of abuse?
>
> Help is greatly appreciated.
>
> Cheers,
> Abhijeet (https://abhi.host)
>
--
Cheers,
Abhijeet (https://abhi.host)
More information about the lvs-users
mailing list