Carlos Aguni

Highly motivated self-taught IT analyst. Always learning and ready to explore new skills. An eternal apprentice.


AWS NLB

01 Jul 2022

https://medium.com/tenable-techblog/lessons-from-aws-nlb-timeouts-5028a8f65dda

  1. Consider enabling (and tuning) TCP keepalive in your Target. Enabling TCP keepalive avoids silent connection failures. The default /proc/sys/net/ipv4/tcp_keepalive_time in Linux is 7200 (2 hours). Make sure you tune this parameter to well under 350s to avoid NLB timeouts.

https://github.com/istio/istio/issues/16572

  - tcp_keepalive_time (default: 7200)
  - tcp_keepalive_intvl (default: 75)
  - tcp_keepalive_probes (default: 9)
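A quick audit of the three keepalive parameters above against the 350s NLB limit, as an added example that is not from this page or the linked articles. The function names and the 60-second safety margin are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit Linux TCP keepalive sysctls against the NLB idle timeout.
# Note: these sysctls only affect sockets that have SO_KEEPALIVE enabled.

NLB_IDLE_TIMEOUT=350   # seconds, the limit quoted in the note above

# Print "time intvl probes" from the running kernel, falling back to the
# Linux defaults listed above when /proc is not readable.
read_kernel_keepalive() {
    dir=/proc/sys/net/ipv4
    t=$(cat "$dir/tcp_keepalive_time" 2>/dev/null || echo 7200)
    i=$(cat "$dir/tcp_keepalive_intvl" 2>/dev/null || echo 75)
    p=$(cat "$dir/tcp_keepalive_probes" 2>/dev/null || echo 9)
    echo "$t $i $p"
}

# Seconds until a dead peer is declared: idle time plus all unanswered probes.
dead_peer_seconds() {
    echo $(( $1 + $2 * $3 ))
}

# Classify settings: the first probe must be sent before the NLB drops the flow.
# Args: time intvl probes [limit] [margin]  (margin default 60 is an assumption)
# Output: OK | TIGHT | FAIL; exit status is non-zero only for FAIL.
nlb_keepalive_check() {
    idle=$1; limit=${4:-$NLB_IDLE_TIMEOUT}; margin=${5:-60}
    if [ "$idle" -ge "$limit" ]; then
        echo FAIL; return 1
    elif [ "$idle" -gt $(( limit - margin )) ]; then
        echo TIGHT
    else
        echo OK
    fi
}

# Report on the live kernel values.
set -- $(read_kernel_keepalive)
verdict=$(nlb_keepalive_check "$@") || true
echo "tcp_keepalive_time=$1 intvl=$2 probes=$3 -> $verdict" \
     "(dead peer declared after $(dead_peer_seconds "$@")s)"
```

With the Linux defaults the first probe would leave after 7200s, long after the NLB has dropped the flow, so the check reports FAIL. A lower value can be persisted under /etc/sysctl.d/ with the key net.ipv4.tcp_keepalive_time and loaded with `sysctl --system`.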

https://webhostinggeeks.com/howto/configure-linux-tcp-keepalive-setting/

https://stackoverflow.com/questions/46771389/why-does-nginx-proxy-pass-close-my-connection

https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-troubleshooting.html#elb-reset-count-metric

https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#connection-idle-timeout