Back to Blog
Traffic between ephemeral ports6/23/2023 A lot of this advice is covered above but I added some additional tips and hopefully some useful commentary. TLDR this is a game of whack-a-mole move-the-bottleneck. Glad to give you more specific help if you need it. We have had hosting providers block us because they thought we were doing a DOS attack on their DNS. They may benefit from having more IPs as well.ĭNS lookups on the backends can become an issue. You may be able to reuse outbound connections, with HTTP pipelining, if the back ends support it.Īt a certain point, the back end servers may be the limit. So the equation turns into “source IP from pool” + random port + target IP + 80. Then tell your HTTP client library to use an IP from a pool as its source when talking to the back ends. If you are getting limited talking to back end servers, then it’s useful to give your server multiple IP addresses. There are other kernel TCP settings you should tune as well, e.g. # Recycle and Reuse TIME_WAIT sockets faster Tune the kernel settings to reduce the maximum segment lifetime, e.g.: # Decrease the time default value for tcp_fin_timeout connection It hits you very hard running behind Nginx as a proxy, but can also hit you on the outbound side when you are talking to a small number of back end servers.
0 Comments
Read More
Leave a Reply. |