starlingx/config-files
Code Issues Proposed changes

Fix Periodic message loss between VIM and Openstack REST APIs

Browse Source 
set net.ipv4.tcp_tw_reuse=0 to avoid dnat conntrack invalid
and remove customizing ephemeral port range

The probe connection action before going to time_wait state.
Probe connection
controller               pod        TCP FLAG      SEQ           ACK
controller:50538 ---> endpoint:9292     SYN       2707980036       0
controller:50538 <--- endpoint:9292   SYN ACK     1599414185
2707980037
controller:50538 ---> endpoint:9292     ACK       2707980037
1599414186
controller:50538 ---> endpoint:9292   FIN ACK     2707980037
1599414186
controller:50538 <--- endpoint:9292     ACK       1599414186
2707980038
controller:50538 <--- endpoint:9292   FIN ACK     1599414186
2707980038
controller:50538 ---> endpoint:9292     ACK       2707980038
1599414187

And for the curl command connection with same port 50538: it will be
like
controller              pod          TCP FLAG         SEQ          ACK
controller:50538 -->  service:9292     SYN        2917708674        0
controller:50538 --> endpoint:9292     SYN        2917708674        0
controller:24479 <-- endpoint:9292   SYN ACK      2742336307
2917708675
controller:50538 <-- endpoint:9292   SYN ACK      2742336307
2917708675
controller:50538 -->  service:9292     ACK        2707980038
1599414187
controller:50538 -->  service:9292     ACK        2707980038
1599414187
controller:50538 -->  service:9292     ACK(DROP)  2707980038
1599414187

The last ACK(controller:50538-->service:9292) SEQ and ACK is same as
Probe TIME_WAIT latest ACK’s.
from
https://github.com/torvalds/linux/blob/v3.10/net/ipv4/tcp_ipv4.c#L2002 ,
it only check (des ip , des port, src ip, and src port).Because this is
not
 a correct SEQ/ACK , then it is set invalid and then dropped.

If disable tcp_tw_reuse, the port nova-api will be always not same as
 pod probe using, then the issue should be gone.
set back default(centos) ephemeral port range to avoid ephemeral port
exhaustion .

Closes-Bug: 1817936

Change-Id: I0b37e9829ac5d3bc9ca1a0b8f55abc632c79f446
Signed-off-by: Sun Austin <austin.sun@intel.com>
This commit is contained in:
Sun Austin 2019-09-07 08:31:13 +08:00
parent 8b48e2da31
commit fbc09b8db8
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
initscripts-config/files/sysctl.conf
View File

@ -66,10 +66,6 @@ net.ipv4.conf.all.rp_filter=1
#kernel.shmmax = 141762560 #kernel.shmmax = 141762560
# Limit local port range
net.ipv4.ip_local_port_range = 49216 61000
net.ipv4.tcp_tw_reuse = 1
# WRL # WRL
# set max socket memory ; default was 212992 # set max socket memory ; default was 212992
net.core.rmem_max=425984 net.core.rmem_max=425984