On 21.03.2012 09:35, Henrik Nordström wrote:
> tis 2012-03-20 klockan 16:14 +0400 skrev Alexander Komyagin:
>
>> Yep, looks like I have them in SYN_SENT for 5 secs and then they are
>> discarded (timeout for httperf is set for 5 secs).
>
> And what is seen on the server side?
>
> There is mainly two limits that may get hit with such results, not
> counting kernel bugs.
>
> a) Firewall connection tracking.
>
> b) Socket listen backlog queue.
>
>
> 'a' shows up in dmesg.
>
> not sure about 'b'.
>
>
>> > This RSBAC? http://www.rsbac.org/
>> >
>> > If so, which kernel version?
>>
>> This one. 2.6.35.10 SMP x86_64.
>
> With which version of the RBAC patch? RBAC 1.4.5 have issues
> according
> to rbac.org, and 2.6.35.10 is in the affected range. Now I do not
> think
> that issue affects socket operations but not 100% sure.
>
>> >From RSBAC logs squid 3.2 produces much more operations on NETLINK
>> RAW
>> ROUTE sockets than 3.1. Maybe performance differs due to some
>> changes in
>> the Squid interception mechanism in 3.2?
>
> Maybe. Wonder what that is. Amos?
The UDS packets comes to mind, but that is a different PF_* family
type. I stopped looking at that point.
It could be the packet MARK lookups which are done through
libnetfilter-*. I have very little idea how that library works
internally.
Amos
Received on Tue Mar 20 2012 - 23:32:48 MDT
This archive was generated by hypermail 2.2.0 : Thu Mar 22 2012 - 12:00:06 MDT