-
What Is a Network Load Balancer? - Elastic Load Balancing
October 29, 2019 at 6:31:41 PM GMT+1 - permalink -For UDP traffic, the load balancer selects a target using a flow hash algorithm based on the protocol, source IP address, source port, destination IP address, and destination port. A UDP flow has the same source and destination, so it is consistently routed to a single target throughout its lifetime. Different UDP flows have different source IP addresses and ports, so they can be routed to different targets.
-
https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html
-
Archived content - Nmap tutorial
January 29, 2016 at 2:44:48 PM GMT+1 - permalink -La raison pour laquelle on voit des block en OUPUT de certains type ICMP dans les scripts iptables :
Scanning for open UDP ports is done with the -sU option. With this scan type, Nmap sends 0-byte UDP packets to each target port on the victim. Receipt of an ICMP Port Unreachable message signifies the port is closed, otherwise it is assumed open.
One major problem with this technique is that, when a firewall blocks outgoing ICMP Port Unreachable messages, the port will appear open. These false-positives are hard to distinguish from real open ports.
-
https://nmap.org/bennieston-tutorial/
-
Brubeck, a statsd-compatible metrics aggregator - GitHub Engineering
June 16, 2015 at 10:11:06 AM GMT+2 - permalink -github releases Brubeck, a statsd compatible metric aggregator!!
A quick look at the /proc/net/dev-generated graphs on the machine made the situation very obvious: slowly but steadily over time, the percentage of UDP packets that were being dropped in our monitoring server was increasing. From 3% upwards to 40%. We were dropping almost half of our metrics!
:-)
-
http://githubengineering.com/brubeck/
-
![thumbnail]()
-
Un peu de réseau et de debug udp
Prenons une application ouvre une socket UDP : pour chaque paquet qui arrive, elle va le traiter et passer au suivant. Si le traitement est plus cours que la cadence de reception, tout va bien, on peut travailler en "flux tendu". Pour éviter de perdre des paquets si l'application est trop lente, le kernel entretien des buffers qui ont une taille par defaut et une taille max.December 10, 2014 at 3:51:28 PM GMT+1 * - permalink -
Pour consulter :
# sysctl net.core.rmem_default
# sysctl net.core.rmem_max
# sysctl net.ipv4.udp_mem
# net.core.netdev_max_backlog
En cas de probleme, on peut augmenter la taille de ce buffer. (temporairement avec commande ou /proc/... et définitivement avec /etc/systcl.d/
sysctl -w net.core.rmem_default=20000000
sysctl -w net.core.rmem_max=30000000
sysctl -w net.ipv4.udp_mem='262144 327680 393216'
sysctl -w net.core.netdev_max_backlog=2000
Comment savoir qu'on a des drop udp ?
netstat -su
Sinon il y a /proc/net/udp qui contient une ligne par socket udp avec le port (attention en hexadecimal), la taille du buffer utilisé, (s'inquiéter si rxqueue est différent de zéro) et enfin la dernière colonne, les drops !
alors si vous avez des drops, il faut revoir l'application,.
Augmenter la taille du buffer est utile seulement si ces drops sont du à des "burst" (des pics d'activité qui n'arrivent pas souvent), un plus grand buffer permettra d'absorber ces pics !
En encore plus interactif : netstat -c --udp -an
todo : trouver les commandes équivalentes avec ss
https://github.com/etsy/statsd/issues/318
https://www.assembla.com/spaces/LogZillaWiki/wiki/UDP_Buffers
http://answers.splunk.com/answers/7001/udp-drops-on-linux.html
-
https://links.infomee.fr/?AyHsGA
-
![thumbnail]()
6.10.1. tcp(), tcp6(), udp() and udp6() source options
November 7, 2014 at 10:50:10 AM GMT+1 - permalink -When receiving messages using the UDP protocol, increase the size of the UDP receive buffer on the receiver host (that is, the syslog-ng OSE server or relay receiving the messages). Note that on certain platforms, for example, on Red Hat Enterprise Linux 5, even low message load (~200 messages per second) can result in message loss, unless the so_rcvbuf() option of the source is increased. In such cases, you will need to increase the net.core.rmem_max parameter of the host (for example, to 1024000), but do not modify net.core.rmem_default parameter.
As a general rule, increase the so_rcvbuf() so that the buffer size in kilobytes is higher than the rate of incoming messages per second. For example, to receive 2000 messages per second, set the so_rcvbuf() at least to 2 097 152 bytes.
-
http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guides/en/syslog-ng-ose-v3.3-guide-admin-en/html/reference_source_tcpudp.html
-
When Logstash and Syslog go wrong – Kartar.Net
November 5, 2014 at 5:45:02 PM GMT+1 - permalink -Ok j'ai eu le meme probleme : le syslog input de logstash tombe systématiquement en grok failure..
Remplaçable facilement par un udp input !
-
http://kartar.net/2014/09/when-logstash-and-syslog-go-wrong/
-
Sockets Java
March 14, 2012 at 9:58:30 PM GMT+1 - permalink -Bon cours simple sur socket, voir partie UDP
-
http://ouvea.edu.ups-tlse.fr/~torguet/cours/l3rx/SupportSockets.html
