空闲超时时间简介
针对HTTP/HTTPS监听器,在创建的时候可以设置空闲超时时间(idle-timeout)参数;客户端在访问了监听器对应的业务后会在ELB网元上产生连接会话,以记录当前连接。如果客户端在访问完成后一直没有后续报文发送,即连接处于空闲状态,此时ELB网元会计算空闲时间,达到监听器的超时时间后就会断开此连接,用于回收状态资源。按照目前的实现,空闲超时间的取值范围为[1,300],默认值为60,单位为秒。
HTTP监听器的空闲超时时间测试方法
监听器配置
按照如下方式配置一个HTTP监听器,并配置两台虚机,一台作为后端服务器,一台作为client端发起tcp测试流量。
| 监听器类型 | 对应的LB实例IP | 监听器端口 | 后端主机IP | 后端主机端口 |
| HTTP | 10.1.4.7 | 35001 | 10.1.4.5 | 45001 |
配置监听器的空闲超时时间为15s,作为client端虚机的ip:10.1.4.4。
后端服务器上通过nginx起监听服务,具体nginx的配置如下:
|
user root root; events { http{ } |
测试方法描述
(1)开两个窗口连接client虚机,一个窗口用于打流,一个窗口用于观察tcpdump抓包打印;
(2)在窗口1上,client虚机上先开启tcpdump抓包:tcpdump -eevvnn host 10.1.4.7;
(3)在在窗口2上,client虚机上通过Telnet发起HTTP请求流量,执行命令为:
telnet 10.1.4.7 35001
GET / HTTP/1.1 //执行完telnet命令后,此行及下面的两行复制后直接黏贴到命令行界面,回车
Connection:keep-alive
Host: localhost
执行上面的打流命令,直至执行超时结束,具体如下:
[root@vm-247 ~]# telnet 10.1.4.7 35001 //开始打流
Trying 10.1.4.7...
Connected to 10.1.4.7.
Escape character is '^]'.
GET / HTTP/1.1
Connection:keep-alive
Host: localhost
HTTP/1.1 200 OK
Server: CTYun LB
Date: Mon, 28 Nov 2022 02:12:55 GMT
Content-Type: text/html
Content-Length: 26
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 11:13:22 GMT
ETag: "637f51d2-1a"
Expires: Mon, 28 Nov 2022 02:29:22 GMT
Cache-Control: max-age=5
Set-Cookie: test1 = aabbccddee1111
Set-Cookie: test2 = aabbccddee2222
Set-Cookie: test3 = aabbccddee3333
Cache-Control: 10
Accept-Ranges: bytes
lbtest-vm-az3-7-10.1.3.16
Connection closed by foreign host.
(4)在窗口2上观察tcpdump抓包信息
[root@vm-247 ~]# tcpdump -eevvnn host 10.1.4.7
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:12:56.592218 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 74: (tos 0x10, ttl 64, id 21119, offset 0, flags [DF], proto TCP (6), length 60)
10.1.1.4.46254 > 10.1.4.7.35001: Flags [S], cksum 0x193b (incorrect -> 0x05cb), seq 4265250616, win 29200, options [mss 1460,sackOK,TS val 250993991 ecr 0,nop,wscale 7], length 0
10:12:56.593047 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [S.], cksum 0x4e1c (correct), seq 2948522996, ack 4265250617, win 35840, options [mss 8952,nop,nop,sackOK,nop,wscale 11], length 0
10:12:56.593066 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x10, ttl 64, id 21120, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.46254 > 10.1.4.7.35001: Flags [.], cksum 0x1927 (incorrect -> 0x3752), seq 1, ack 1, win 229, length 0
10:12:56.593333 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 32054, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [.], cksum 0x3825 (correct), seq 1, ack 1, win 18, length 0
10:13:04.297463 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 70: (tos 0x10, ttl 64, id 21121, offset 0, flags [DF], proto TCP (6), length 56) //开始发送http get,计时T1,接下来client端一直不再发送报文,即出现连接空闲
10.1.1.4.46254 > 10.1.4.7.35001: Flags [P.], cksum 0x1937 (incorrect -> 0x65a3), seq 1:17, ack 1, win 229, length 16
10:13:04.297642 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 62, id 32055, offset 0, flags [DF], proto TCP (6), length 52)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [.], cksum 0xe755 (correct), seq 1, ack 1, win 18, options [nop,nop,sack 1 {4294967248:1}], length 0
10:13:04.297650 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 32056, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [.], cksum 0x3815 (correct), seq 1, ack 17, win 18, length 0
10:13:04.394196 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 77: (tos 0x10, ttl 64, id 21122, offset 0, flags [DF], proto TCP (6), length 63)
10.1.1.4.46254 > 10.1.4.7.35001: Flags [P.], cksum 0x193e (incorrect -> 0xf21b), seq 17:40, ack 1, win 229, length 23
10:13:04.394476 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 32057, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [.], cksum 0x37fe (correct), seq 1, ack 40, win 18, length 0
10:13:04.494416 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 71: (tos 0x10, ttl 64, id 21123, offset 0, flags [DF], proto TCP (6), length 57)
10.1.1.4.46254 > 10.1.4.7.35001: Flags [P.], cksum 0x1938 (incorrect -> 0x1754), seq 40:57, ack 1, win 229, length 17
10:13:04.494625 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 32058, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [.], cksum 0x37ed (correct), seq 1, ack 57, win 18, length 0
10:13:04.612760 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 56: (tos 0x10, ttl 64, id 21124, offset 0, flags [DF], proto TCP (6), length 42)
10.1.1.4.46254 > 10.1.4.7.35001: Flags [P.], cksum 0x1929 (incorrect -> 0x2a06), seq 57:59, ack 1, win 229, length 2
10:13:04.612935 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 32059, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [.], cksum 0x37eb (correct), seq 1, ack 59, win 18, length 0
10:13:04.614988 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 505: (tos 0x0, ttl 62, id 32060, offset 0, flags [DF], proto TCP (6), length 491)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [P.], cksum 0xffec (correct), seq 1:452, ack 59, win 18, length 451
10:13:04.615003 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x10, ttl 64, id 21125, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.46254 > 10.1.4.7.35001: Flags [.], cksum 0x1927 (incorrect -> 0x354d), seq 59, ack 452, win 237, length 0
10:13:19.614855 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 32061, offset 0, flags [DF], proto TCP (6), length 40) //此时LB开始发送http-504,即空闲超时时间曹氏,计时T2
10.1.4.7.35001 > 10.1.1.4.46254: Flags [F.], cksum 0x3627 (correct), seq 452, ack 59, win 18, length 0
10:13:19.614942 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x10, ttl 64, id 21126, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.46254 > 10.1.4.7.35001: Flags [F.], cksum 0x1927 (incorrect -> 0x354b), seq 59, ack 453, win 237, length 0
10:13:19.615299 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 32062, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.46254: Flags [.], cksum 0x3626 (correct), seq 453, ack 60, win 18, length 0
请求空闲超时时间计算:T=T2-T1=15s.与配置参数结果一致。
HTTPS监听器的空闲超时时间测试方法
监听器配置
按照如下方式配置一个HTTP监听器,并配置两台虚机,一台作为后端服务器,一台作为client端发起tcp测试流量。
| 监听器类型 | 对应的LB实例IP | 监听器端口 | 后端主机IP | 后端主机端口 |
| HTTP | 10.1.4.7 | 35001 | 10.1.4.5 | 35001 |
配置监听器的空闲超时时间为20s,作为client端虚机的ip:10.1.4.4。
测试方法
同HTTP监听器的测试方法:
(1)在client上用tcpdump显示报文收发:tcpdump -eevvnn host 10.1.4.7
(2)由没找到较好打HTTPS流量的工具,故自己手写一个工具http_ctl,实现client向LB发起请求后不再发送报文;
(3)通过tcpdump抓包,观察tcp三次握手完成的时刻 到 LB发送FIN报文的时刻,两个时刻的差值为请求空闲超时时间。
工具执行方法:./http_clt https%3A%2F%2F%20b-ip:监听器端口/abc
通过工具从client端打入https流量:
17:50:52.465847 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 57978, offset 0, flags [DF], proto TCP (6), length 60)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [S], cksum 0x193b (incorrect -> 0x442c), seq 37748370, win 29200, options [mss 1460,sackOK,TS val 278469864 ecr 0,nop,wscale 7], length 0
17:50:52.466661 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [S.], cksum 0xc30a (correct), seq 1947150939, ack 37748371, win 35840, options [mss 8952,nop,nop,sackOK,nop,wscale 11], length 0
17:50:52.466685 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 64, id 57979, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [.], cksum 0x1927 (incorrect -> 0xac40), seq 1, ack 1, win 229, length 0
17:50:52.466850 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 571: (tos 0x0, ttl 64, id 57980, offset 0, flags [DF], proto TCP (6), length 557)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [P.], cksum 0x1b2c (incorrect -> 0x141a), seq 1:518, ack 1, win 229, length 517
17:50:52.466871 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 890, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [.], cksum 0xad13 (correct), seq 1, ack 1, win 18, length 0
17:50:52.466970 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 62, id 891, offset 0, flags [DF], proto TCP (6), length 52)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [.], cksum 0x7587 (correct), seq 1, ack 1, win 18, options [nop,nop,sack 1 {4294967248:1}], length 0
17:50:52.466987 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 892, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [.], cksum 0xab0e (correct), seq 1, ack 518, win 18, length 0
17:50:52.467680 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 894: (tos 0x0, ttl 62, id 893, offset 0, flags [DF], proto TCP (6), length 880)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [P.], cksum 0xf3ae (correct), seq 1:841, ack 518, win 18, length 840
17:50:52.467697 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 64, id 57981, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [.], cksum 0x1927 (incorrect -> 0xa6e6), seq 518, ack 841, win 242, length 0
17:50:52.468552 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 180: (tos 0x0, ttl 64, id 57982, offset 0, flags [DF], proto TCP (6), length 166)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [P.], cksum 0x19a5 (incorrect -> 0x13fb), seq 518:644, ack 841, win 242, length 126
17:50:52.468920 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 296: (tos 0x0, ttl 62, id 894, offset 0, flags [DF], proto TCP (6), length 282)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [P.], cksum 0x442e (correct), seq 841:1083, ack 644, win 18, length 242
17:50:52.469069 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 64, id 57983, offset 0, flags [DF], proto TCP (6), length 160)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [P.], cksum 0x199f (incorrect -> 0xfef0), seq 644:764, ack 1083, win 255, length 120
17:50:52.471245 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 534: (tos 0x0, ttl 62, id 895, offset 0, flags [DF], proto TCP (6), length 520)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [P.], cksum 0x2073 (correct), seq 1083:1563, ack 764, win 18, length 480
17:50:52.511187 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 64, id 57984, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [.], cksum 0x1927 (incorrect -> 0xa304), seq 764, ack 1563, win 268, length 0
17:51:12.472031 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl 62, id 896, offset 0, flags [DF], proto TCP (6), length 71)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [P.], cksum 0x075f (correct), seq 1563:1594, ack 764, win 18, length 31
17:51:12.472051 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 64, id 57985, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [.], cksum 0x1927 (incorrect -> 0xa2e5), seq 764, ack 1594, win 268, length 0
17:51:12.472061 fa:16:3e:5e:3a:ea > fa:16:3e:56:c0:8e, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 62, id 897, offset 0, flags [DF], proto TCP (6), length 40)
10.1.4.7.35001 > 10.1.1.4.49578: Flags [F.], cksum 0xa3de (correct), seq 1594, ack 764, win 18, length 0
17:51:12.511177 fa:16:3e:56:c0:8e > fa:16:3e:5e:3a:ea, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 64, id 57986, offset 0, flags [DF], proto TCP (6), length 40)
10.1.1.4.49578 > 10.1.4.7.35001: Flags [.], cksum 0x1927 (incorrect -> 0xa2e4), seq 764, ack 1595, win 268, length 0
17:50:52.466850
17:51:12.472061
测试结果连接超时时间为20s。
