Hello, we managed to fix this problem by setting: net.ipv4.tcp_syncookies=1 net.ipv4.tcp_tw_reuse=1kernel params. tcp_syscookies is enough but since we had several connections in TIME_WAIT, we read tcp_tw_reuse helps those be reused more efficiently.
HTH, Sandro Sandro Tosi wrote:
Hello,we have a rather busy Apache web server (~200/300 contemporary connections). There are time when Apache is really slow at letting client connects to it. For example, with curl, I see:02:05:17.885074 == Info: About to connect() to IP_ADDRESS port 80 (#0)02:05:17.885280 == Info: Trying IP_ADDRESS... 02:05:20.898748 == Info: connected02:05:20.898785 == Info: Connected to IP_ADDRESS (IP_ADDRESS) port 80 (#0) ... 02:05:20.917068 == Info: Closing connection #0 and 02:06:53.098230 == Info: About to connect() to IP_ADDRESS port 80 (#0)02:06:53.099272 == Info: Trying IP_ADDRESS... 02:07:02.111596 == Info: connected02:07:02.111636 == Info: Connected to IP_ADDRESS (IP_ADDRESS) port 80 (#0) 02:07:02.111731 => Send header, 222 bytes (0xde) ... 02:07:02.422093 == Info: Closing connection #0as you can see, we see a 3 seconds (first example) and a 9 seconds (second example) delay between apache server contact and when the connection is actually accepted. The delay is always either 3 or 9 seconds, that's quite weird and it seems to indicate a sort of retry+backoff (3 secs, 3x2 secs (9 secs total) and so on) implemented in some Apache layers.Anyhow, once the client is able to connect to Apache, the request is served very fast. Just to be sure it's nothing in the VirtualHosts we've setup, we tried also with /server-status but even that page is slow at connect.In addition, sometimes we also see: 02:10:40.651926 == Info: About to connect() to IP_ADDRESS port 80 (#0)02:10:40.652543 == Info: Trying IP_ADDRESS... 02:11:00.060879 == Info: Connection refused02:11:00.060924 == Info: couldn't connect to host 02:11:00.060942 == Info: Closing connection #0 as if the client was not able to be served by any Apache server. The MPM config we use is: StartServers 200 MinSpareServers 150 MaxSpareServers 300 ServerLimit 2000 MaxClients 2000 MaxRequestsPerChild 100 KeepAlive off We tried everything that came to our minds to avoid that delay: - tune the parameters above (StartServer, Min/MaxSpareServer etc)- only Listen on a single port (inferred from http://httpd.apache.org/docs/2.2/misc/perf-tuning.html) - change every possible AcceptMutex values: flock, fcntl, pthread, and sysvsem (the default)but none of them helped.Does anyone know how to solve this problem? If there are other info needed, just let me now and I'll provide them.Thanks in advance, Sandro --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx