[988] in linux-net channel archive
Re: heavily-accessed site w/ random hangs on specific port... suggestions?
daemon@ATHENA.MIT.EDU (Rob Janssen reading Linux mailingl)
Fri Aug 25 00:41:42 1995
From: linux@pe1chl.ampr.org (Rob Janssen reading Linux mailinglist)
To: andrewm@connect.com.au (Andrew McNamara)
Date: Thu, 24 Aug 1995 08:22:51 +0200 (MET DST)
Cc: mea@mea.cc.utu.fi, linux-net@vger.rutgers.edu
In-Reply-To: <199508230547.PAA21867@warrane.connect.com.au> from "Andrew McNamara" at Aug 23, 95 03:47:55 pm
Reply-To: linux-vger@wab-tis.rabobank.nl
According to Andrew McNamara:
> > When the jam happens, network monitors (persons with equipment
> > on right spots on our ATM and FDDI nets) say that ftp.funet.fi
> > gets TCP-SYNs (so, requests to create connection) into FTP
> > control port, however it does not send TCP-ACK for it -> connection
> > will not get estabilished. Simultaneous system call trace on
> > that machine also shows that accept() does not happen.
> >[...]
> > I am beginning to wonder, if Linux network code does something
> > wrong in the same way as BSD one ? (The OSF/1 networking code
> > is clearly BSD code.) Or is it something more sinister ...
> > ... the TCP/IP protocol is at fault ?
>
> We have a similar experience here - but it usually effects SMTP (although
> we are starting to see it on our web server as well).
>
> I think it's a problem with the sockets interface model rather than TCP
> itself - the listen(2) call only supports a finite number of
> outstanding connection requests. In spite of what the manual entries
> appear to say, connections requests in excess of the maxium supported
> are simply ignored as you have seen.
Couldn't it be a problem with TIME WAIT state?
When many connections are made and released, a lot of TCP controlblocks
can be in TIME WAIT state, and thus unavailable for use for some time.
When the controlblocks are from a fixed array (rather than dynamically
allocated) you can be out of controlblocks even while only a few connections
are active. You just need a lot of connections/releases over a short
interval. WWW could cause that (also when doing FTP from WWW browsers).
I don't know why it would affect only connects to a single port number.
Maybe the TCP code counts connections to the same port in an attempt to
fairly distribute the finite resource over different uses?
Rob
--
+------------------------------------+--------------------------------------+
| Rob Janssen rob@knoware.nl | AMPRnet: rob@pe1chl.ampr.org |
| e-mail: pe1chl@wab-tis.rabobank.nl | AX.25 BBS: PE1CHL@PI8WNO.#UTR.NLD.EU |
+------------------------------------+--------------------------------------+
