From owner-freebsd-net@FreeBSD.ORG  Wed Jan 15 21:48:15 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 73B65C39
 for <freebsd-net@freebsd.org>; Wed, 15 Jan 2014 21:48:15 +0000 (UTC)
Received: from mail.tdx.com (mail.tdx.com [62.13.128.18])
 by mx1.freebsd.org (Postfix) with ESMTP id 3C44018BE
 for <freebsd-net@freebsd.org>; Wed, 15 Jan 2014 21:48:14 +0000 (UTC)
Received: from study64.tdx.co.uk (study64.tdx.co.uk [62.13.130.231])
 (authenticated bits=0)
 by mail.tdx.com (8.14.3/8.14.3/) with ESMTP id s0FLjl7J042811
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
 for <freebsd-net@freebsd.org>; Wed, 15 Jan 2014 21:45:48 GMT
Date: Wed, 15 Jan 2014 21:45:47 +0000
From: Karl Pielorz <kpielorz_lst@tdx.co.uk>
To: freebsd-net@freebsd.org
Subject: LAST_ACK hanging around / reaping?
Message-ID: <39BB47DB91A9375CDA87B5A2@study64.tdx.co.uk>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jan 2014 21:48:15 -0000


Hi,

We've a number of FreeBSD 9.2 amd64 systems - recently we've noticed a 
large number of TCP sessions ending up stuck in 'LAST_ACK' (sometimes this 
can creep up to many thousands per box).

Having dug around - it appears some kind of load balancer at the 'other 
ends' of these connections isn't handling connection closes too well or 
something [I don't think it's a FreeBSD issue - it looks like a 'them' 
issue].

The questions are

  a) Should we be concerned by constantly having several thousand 
connections in LAST_ACK

  b) Is there a sysctl to change how long they'll hang around for?

And, more importantly,

  c) If the system needs these resources - will it reap some of them? (i.e. 
oldest first or something) - or could they potentially just keep growing in 
a worst case scenario until something runs out?

Thanks,

-Karl