Slow connections

Henry Paulissen h.paulissen at
Wed Dec 23 00:41:27 CET 2009

Next one.

Did you tune the tcp fin timeout? (on both servers)
Linux will standard holds all connection open till it hits the fin timeout
length (tcp_fin and tcp_fin2).
We decreased it to 3.

HAProxy support:
Do you forced a http connection close in haproxy?
If all connections are in keep-alive your queue will fill up real quick.


-----Oorspronkelijk bericht-----
Van: Joe Williams [mailto:joe at] 
Verzonden: woensdag 23 december 2009 0:23
Aan: Henry Paulissen
CC: varnish-misc at
Onderwerp: Re: Slow connections

Thanks Henry, nf_conntrack_max is set high on both machines. I've had 
the full table issue before :P

On 12/22/09 2:58 PM, Henry Paulissen wrote:
> Have a look to the conntrack setting in the kernel (sysctl) on both sides.
> It could be that your conntrack is full (connectrack only exists if you
> iptables with netfilter_conntrack).
> Regards,
> Henry
> -----Oorspronkelijk bericht-----
> Van: varnish-misc-bounces at
> [mailto:varnish-misc-bounces at] Namens Joe Williams
> Verzonden: dinsdag 22 december 2009 18:12
> Aan: varnish-misc at
> Onderwerp: Slow connections
> I am seeing a good amount (1/100) of connections to varnish (from
> haproxy) taking 3 seconds. My first thought was the connection backlog
> but somaxconn and listen_depth are both set higher than the number of
> connections. Anyone have any suggestions on how to track down what is
> causing this or settings I can use to try to aleviate it?
> Thanks.
> -Joe

Name: Joseph A. Williams
Email: joe at

More information about the varnish-misc mailing list