Hi All, I have a very busy VM (well one of my users does I don't have access but do have cooperative and copentent admin to interact with on th eother end).
At peak times it *sometimes* misses packets. I've been didding in for a bit ant it looks like they get dropped in OVS land. The VM's main function in life is to pull down webpages from other sites and analyze as requested. During peak times ( EU/US working hours ) it sometimes hangs some requests and sometimes fails. Looking at traffic the out bound SYN request from VM is always good and returning ACK always gets to physical interface of the hypervisosr (on a provider vlan). When packets get dropped they do not make it to the qvoXXXXXXXX-XX on the integration bridge. My suspicion is that OVS isn't keeping up eth1-br flow rules remaping from external to internal vlan-id but neither quite sure how to prove that or what to do about it. My initial though had been to blame contrack but drops are happening before the iptables rules and while there's a lot of connections on this hypervisor: net.netfilter.nf_conntrack_count = 351880 There should be plent of overhead to handle: net.netfilter.nf_conntrack_max = 1048576 Anyone have thought son where to go with this? version details: Ubuntu 14.04 OpenStack Mitaka ovs-vsctl (Open vSwitch) 2.5.0 Thanks, -Jon -- _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
