HAProxy 关闭长期存在的 TCP 连接,忽略 TCP keepalive [英] HAProxy closes long living TCP connections ignoring TCP keepalive
问题描述
我已配置 HAProxy(1.5.4,但我也尝试过 1.5.14)以在 TCP 模式下平衡两台服务器在 5672 端口上公开 AMQP 协议(WSO2 消息代理).客户端通过 HAProxy 创建并使用与 AMQP 服务器的永久连接.
我更改了客户端和服务器 TCP keepalive 超时,设置 net.ipv4.tcp_keepalive_time=120 (CentOS 7).
在 HAProxy 中,我将客户端/服务器超时设置为 200 秒(>120 秒的 keepalive 数据包)并使用了选项 clitcpka.
然后我启动了wireshark并嗅探了所有的tcp流量:在客户端的最后一次请求之后,tcp keepalived数据包在120秒后定期发送,但在客户端的最后一次请求后200秒后连接关闭(因此忽略了keepalived数据包).
下面的配置:
haproxy.conf
全局登录 127.0.0.1 本地 3麦克康4096用户代理组代理守护进程调试听 messagebroker_balancer 172.19.19.91:5672模式 tcp登录全局重试 3超时连接 5000ms选项重新调度客户端超时 200000ms服务器超时 200000ms选项 tcplog选项clitcpka平衡最小连接服务器 s1 172.19.19.79:5672 检查 inter 5s 上升 2 下降 3服务器 s2 172.19.19.80:5672 检查 inter 5s 上升 2 下降 3TCP keep alive 位于传输层,仅用于在连接上做一些流量,因此中间体系统如包过滤器不会'不要丢失任何状态,并且如果与另一端的连接中断(可能是因为某些东西崩溃或网络电缆损坏),终端系统可以注意到.
TCP keep alive 与您明确设置为 200 秒的应用程序级空闲超时无关:
<块引用>客户端超时 200000ms服务器超时 200000ms如果连接空闲,即没有数据传输,则会触发此超时.TCP keep alive 不传输任何数据,这些数据包的payload是空的.
I have configured HAProxy (1.5.4, but I tried also 1.5.14) to balance in TCP mode two server exposing AMQP protocol (WSO2 Message Broker) on 5672 port. The clients create and use permanent connection to the AMQP Servers, via HAProxy.
I've changed the client and server TCP keepalive timeout, setting net.ipv4.tcp_keepalive_time=120 (CentOS 7).
In HAProxy I've setted timeout client/server to 200 seconds (>120 seconds of the keepalive packets) and used the option clitcpka.
Then I've started wireshark and sniffed all the tcp traffic: after the last request from the clients, the tcp keepalived packets are sente regularly after 120 seconds, but after 200 seconds after the last request from the clients the connection are closed (thus ignoring the keepalived packet).
Below the configuration:
haproxy.conf
global
log 127.0.0.1 local3
maxconn 4096
user haproxy
group haproxy
daemon
debug
listen messagebroker_balancer 172.19.19.91:5672
mode tcp
log global
retries 3
timeout connect 5000ms
option redispatch
timeout client 200000ms
timeout server 200000ms
option tcplog
option clitcpka
balance leastconn
server s1 172.19.19.79:5672 check inter 5s rise 2 fall 3
server s2 172.19.19.80:5672 check inter 5s rise 2 fall 3
TCP keep alive is at the transport layer and is only used to do some traffic on the connection so intermediate systems like packet filters don't loose any states and that the end systems can notice if the connection to the other side broke (maybe because something crashed or a network cable broke).
TCP keep alive has nothing to do with the application level idle timeout which you have set explicitly to 200s:
timeout client 200000ms timeout server 200000ms
This timeouts gets triggered if the connection is idle, that is if no data get transferred. TCP keep alive does not transport any data, the payload of these packets is empty.
这篇关于HAProxy 关闭长期存在的 TCP 连接,忽略 TCP keepalive的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
