Bug 1453145
Summary: | Brick Multiplexing:dmesg shows request_sock_TCP: Possible SYN flooding on port 49152 | |||
---|---|---|---|---|
Product: | [Red Hat Storage] Red Hat Gluster Storage | Reporter: | Nag Pavan Chilakam <nchilaka> | |
Component: | core | Assignee: | Mohammed Rafi KC <rkavunga> | |
Status: | CLOSED ERRATA | QA Contact: | Nag Pavan Chilakam <nchilaka> | |
Severity: | urgent | Docs Contact: | ||
Priority: | unspecified | |||
Version: | rhgs-3.3 | CC: | amukherj, nchilaka, pkarampu, rhs-bugs, rkavunga, storage-qa-internal | |
Target Milestone: | --- | |||
Target Release: | RHGS 3.3.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | brick-multiplexing | |||
Fixed In Version: | glusterfs-3.8.4-29 | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1456405 (view as bug list) | Environment: | ||
Last Closed: | 2017-09-21 04:43:23 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1417151, 1456405, 1463517 |
Description
Nag Pavan Chilakam
2017-05-22 09:21:41 UTC
We can have a volume-set command to specify the backlog limits, but remember we need to configure kernal parameters like net.core.somaxconn, net.ipv4.tcp_max_syn_backlog . upstream patch : https://review.gluster.org/#/c/17411 https://review.gluster.org/#/c/17412 Downstream patch : https://code.engineering.redhat.com/gerrit/108900 https://code.engineering.redhat.com/gerrit/108899 one more downstream patch https://code.engineering.redhat.com/gerrit/#/c/109134/ to fix the max op-version is needed which is merged now. Moving this bug status back to MODIFIED as the fix will work from next build only. We have addressed the doc updates using a separate bug 1461430 steps to test this bug : 1)Before creating the volumes and after setting multiplex on , set the nvolume option transport.listen-backlog 128 There are two system level options that need to set (# sysctl -p net.core.somaxconn=$value , # sysctl -p net.ipv4.tcp_max_syn_backlog=$value) I cannot recommend a value for this , it is based on system configuration and the application. For now you can go with the default values on_qa validation: tested with Same kind of workload(or even more) for almost 2 days I set the value of transport.listen-backlog to 128 as recommended by Rafi in Comment#21 left the system ctl values to default which were as below net.core.somaxconn = 128 net.ipv4.tcp_max_syn_backlog = 256 have 40 1x3 vols with brick mux enabled and all bricks running on one fsd proc had 10 volumes mounted on different clients each, and did linux untar for 50 times in each volume, for more than 1.5 days. Didn't hit the syn flooding problem. hence moving to verified testverion:3.8.4-36 on rhel7.4 command for sysctl option is sysctl net.ipv4.tcp_max_syn_backlog=$value (no -p) Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2774 |