Nginx setting up >25.000 concurrent connections per second

Bradley Falzon brad at teambrad.net
Fri Oct 7 10:44:39 UTC 2011


On Fri, Oct 7, 2011 at 5:14 PM, atadmin <nginx-forum at nginx.us> wrote:

> I tested with this flag enable and disables and the result is the same,
> now is disables because was the las test. Iptables is not enabled for
> the test.
>
>
Just confirming you actively removed the nf_conntrack modules. My boxes have
logged conntrack rules warnings in syslog, so if you're not seeing them,
then it's probably not your problem anyway.

My box with connection track is still tracking even though my iptables is
stopped:
[root at bf1 ~]# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root at bf1 ~]# lsmod | grep nf_conn
nf_conntrack_ipv6      19655  2
nf_conntrack           79643  2 nf_conntrack_ipv6,xt_state
ipv6                  321509  28 ip6t_REJECT,nf_conntrack_ipv6
[root at bf1 ~]# cat /proc/sys/net/netfilter/nf_conntrack_count
2

My box with connection track removed:
[brad at cache1 ~]$ cat /proc/sys/net/netfilter/nf_conntrack_count
cat: /proc/sys/net/netfilter/nf_conntrack_count: No such file or directory

Connection tracking probably isn't your issue, but for completeness sake,
just confirming.

-- 
Bradley Falzon
brad at teambrad.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20111007/36f30b4e/attachment-0001.html>


More information about the nginx mailing list