PF + load balancing over 100Mbit traffic [SOLVED]
Adam PAPAI
wooh at wooh.hu
Thu Dec 3 11:19:44 UTC 2009
Gergely CZUCZY wrote:
> On Thu, 03 Dec 2009 09:19:29 +0100
> Adam PAPAI <wooh at wooh.hu> wrote:
>
>> Dear List,
>>
>> I have a feeling that PF can't do perfect round-robin load balancing
>> over 100Mbit.
>>
>> When our PF server's (Dual Quad Core 3Ghz with 8GB ram) network
>> traffic goes over 100Mbit, the 80 port's connect time increases to
>> 3-5-10 sec instead of the stable 0.001-0.002 sec. The web servers
>> feel good, they don't have load, the redundant master-slave database
>> servers feel good, they dont have high load. So everything seems
>> fine, except the connect time. (Our checker script asks only a HEAD
>> request from the web servers)
> Have you adjusted the TCP timeout parameters? this can be caused by the
> standard 30sec timeouts and your state table is getting filled up. I'd
> check the following parameters:
> - timeout tcp.{closing,finwait,closed}
> - interval
> - limit states
>
Thanks,
I really had to change the pf.conf and set the values below.
set limit states 40000
set timeout interval 5
In the future i should increase the limit states and reduce the timeout
interval :)
Since i've changed the values, the connection time is between 0.001 and
0.004, the traffic is over than 110Mbit.
\o/
Have a nice day :)
--
Adam PAPAI
NETIDEA Informatikai Szolgaltato Kft.
http://www.netidea.hu
E-mail: wooh at wooh.hu
More information about the freebsd-pf
mailing list