通过Google Cloud NAT访问互联网时出现重大延迟 [英] Significant delay when accessing internet via google cloud NAT

问题描述

在我们的设置中，我们的VM没有通过Google Cloud NAT访问外部IP的外部IP.

in our setup we have VM without external IPs accessing outside world via Google Cloud NAT.

我们正在观察奇怪的行为:

We are observing strange behavior:

• 每10到15个请求都会被严重延迟(15到135秒)

  ~$ for i in {1..50}; do echo $i;  time curl -s 'https://stackoverflow.com/' > 
  /dev/null; done
  .
  .
  .
  15

  real  2m10.830s
  user  0m0.049s
  sys   0m0.029s

• 我可以在堆栈驱动器日志中看到有关的连接已被删除:

    {
    .
    .
    .
      jsonPayload: {
        allocation_status: "DROPPED"
      }
      timestamp: "2019-09-20T11:41:05.904608023Z"  
    }

任何解决此问题的想法/建议都将受到高度赞赏. :)

Any ideas/suggestions how to resolve the issue will be highly appreciated. :)

谢谢

鲍里斯

推荐答案

您的VM可能已用尽可用的NAT端口.例如，如果您为每个VM分配4096个端口，则每15个VM需要一个NAT IP地址.在实时运行期间，如果由于打开的连接(TCP寿命最长)而导致VM + NAT用尽了可用端口，您可能会开始看到流量下降.您可能需要考虑减少 TCP超时，或为每个VM分配更多端口.

It is possible your VMs are running out of available NAT ports. For example, if you allocate 4096 ports per VM, then you need a NAT IP address for every 15 VMs. During live operation if the VMs + NAT run out of available ports due to open connections (TCP being the longest lived) you may begin to see dropped traffic. You may want to consider reducing the TCP timeout, or allocating more ports per VM.

您可以使用

You can see the current state of the NAT mapping (for example, number of ports per IP/VM) by using this command in the Cloud console:

gcloud计算路由器get-nat-mapping-info [路由器名称]

gcloud compute routers get-nat-mapping-info [ROUTER NAME]

这篇关于通过Google Cloud NAT访问互联网时出现重大延迟的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！