Ключевые слова:freebsd, trouble, optimization, tune, speed, sysctl, kernel, (найти похожие документы)
From: Poul-Henning Kamp <[email protected]>
Date: Fri, 04 Jun 1999 21:27:57 +0200
Subject: Проблемы с keepalive соединениями под FreeBSD
In message <[20][email protected]>, David Greenman writes:
>>>But, consider going back to the discusssions leading up to the Host Requirem ents
>>>RFC (1122). The particular problem was that the original timeout value for
>>>keepalives was tiny (a few minutes). 1122 dictated the corrections for this.
>>>Here are the important points from section 4.2.3.6:
>>
>>But RFC 1122 pretty much entirely predates the "modern internet user". While
>>I fully supported the policy back then, I no longer do.
>>
>>I still think the right thing is:
>>
>> default to keepalives.
>> set the timeout to a week.
>
> I don't support increasing the default timeout. That would cause problems
>for a lot of server systems that rely on the relatively short two hour default.
>The best I think you could do would be to increase it to something like
>12-24 hours as a default, but even that might be problematical.
> Actually, I think we should leave it alone. I don't mind if people add an
>rc.conf variable, however.
First of all, our current default is not two hours, but to kill
after 4 hours idle followed by no response for 20min:
net.inet.tcp.keepidle: 14400
net.inet.tcp.keepintvl: 150
So anyone depending on two hours are screwed already.
How about this then:
net.inet.tcp.always_keepidle: 86400 /* new variable */
net.inet.tcp.always_keepintvl: 64800 /* new variable */
net.inet.tcp.keepidle: 14400
net.inet.tcp.keepintvl: 150
net.inet.tcp.always_keepalive: 1
This will have all sockets have keepalives, but if the program
specifically sets keepalives, it gets the shorter timeout.
--
Poul-Henning Kamp FreeBSD coreteam member
[email protected] "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!
_________________________________________________________________
From: Poul-Henning Kamp <[15][email protected]>
Date: Sat, 05 Jun 1999 07:35:42 +0200
Well, we've heard various opinions and I think we can conclude that:
1. Even with the current timeouts, there is no significant increase
in network trafic, even with the market share FreeBSD has.
2. That server applications should have keepalives enabled.
3. That the few people, for whom it could become a problem if it
is enabled by default, are prefectly capable of changing a
variable in /etc/rc.conf.
4. It would be desirable to have per socket timeouts, but would
require application changes which are unlikely to happen.
5. Changing the timeouts would potentially mean trouble for certain
applications.
QED: The following patch.
If you don't like this, remember to change that variable in
/etc/rc.conf in the future.
Poul-Henning
Index: rc.network
RCS file: /home/ncvs/src/etc/rc.network,v
retrieving revision 1.44
diff -u -r1.44 rc.network
--- rc.network 1999/04/12 15:26:41 1.44
+++ rc.network 1999/06/05 05:25:51
@@ -180,6 +180,11 @@
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 2>&1
fi
+ if [ "X$tcp_keepalive" = X"YES" ]; then
+ echo -n ' TCP keepalive=YES'
+ sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null 2>&1
+ fi
+
if [ "X$ipxgateway_enable" = X"YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 2>&1
Index: defaults/rc.conf
RCS file: /home/ncvs/src/etc/defaults/rc.conf,v
retrieving revision 1.9
diff -u -r1.9 rc.conf
--- rc.conf 1999/05/16 09:19:44 1.9
+++ rc.conf 1999/06/05 05:26:26
@@ -41,6 +41,7 @@
natd_flags="" # Additional flags for natd.
tcp_extensions="NO" # Set to Yes to turn on RFC1323 extensions.
log_in_vain="NO" # Disallow bad connection logging (or YES).
+tcp_keepalive="YES" # Kill dead TCP connections (or NO).
network_interfaces="lo0" # List of network interfaces (lo0 is loopback).
ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration.
#ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entr
y.
--
Poul-Henning Kamp FreeBSD coreteam member
[email protected] "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!