Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 4 subscribers
  • Views 1135 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Load Balancer Connection Timeouts

utdream

Hello,

I have previously posted regarding connection timeouts when accessing services through the UTM's WAF. However, in this case, I am using the UTM's load balancer (no WAF) and I am getting connection timeouts again. I can find little to no documentation on the load balancer so that I can address this issue, and I am hoping someone can point me in the right direction. I'm guessing it is documented somewhere and I just can't find it.

Specifically, where can I find the command-line configuration for the load balancer on a UTM, and how can I adjust connection settings to avoid these timeouts.

Thank you in advance!

-JM



This thread was automatically locked due to age.
Parents
  • +1

    Hey JM,

    Have you experimented with changing the timeout in WebAdmin?  What about the 'Check type'?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    We have the check type set at "HTTP host" with the URL value set to a specific page. We do this so we can ensure the node is still processing pages correctly, as in the past there have been cases where the language interpreter has died and the node should have been considered dead.

    Interval is 15, Timeout is 5.

    I will experiment with these values and report back. Thank you for the ideas. =)

    -JM

  • 0 in reply to utdream

    Hi Bob,

    Just reporting back. Updating the Interval and Timeout values from 15/5 to 30/15 did the trick. Apparently during the load tests the UTM/LB wouldn't get a response quick enough and would consider a node inactive - which resulted in that 2% connection refused response. Upping these values allowed those web nodes to stay considered "alive" long enough for the overloaded back-end to respond.

    This will move the current bottle-neck off the UTM and back on the DB cluster again.

    Thank you for your help!

    -JM

Reply
  • 0 in reply to utdream

    Hi Bob,

    Just reporting back. Updating the Interval and Timeout values from 15/5 to 30/15 did the trick. Apparently during the load tests the UTM/LB wouldn't get a response quick enough and would consider a node inactive - which resulted in that 2% connection refused response. Upping these values allowed those web nodes to stay considered "alive" long enough for the overloaded back-end to respond.

    This will move the current bottle-neck off the UTM and back on the DB cluster again.

    Thank you for your help!

    -JM

Children
No Data
Unfiltered HTML