Site Navigation

Date:      Sat, 3 Mar 2007 17:28:57 +0545
From:      Tek Bahadur Limbu <teklimbu@wlink.com.np>
To:        Grant Peel <gpeel@thenetnow.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Fw: FIN_WAIT_2
Message-ID:  <20070303172857.2561b918.teklimbu@wlink.com.np>
In-Reply-To: <00d501c759b8$b7dc4870$6501a8c0@GRANT>
References:  <00aa01c758c6$f8dadb90$6501a8c0@GRANT>	<20070225193804.19bc9280.teklimbu@wlink.com.np>	<00d501c759b8$b7dc4870$6501a8c0@GRANT>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 26 Feb 2007 10:13:49 -0500
"Grant Peel" <gpeel@thenetnow.com> wrote:

> Hi All,
> 
> I have done some research ...
> 
> It appears that inn certain conditions, when the 
> net.inet.ip.fw.dyn_keepalive=1 (sysctl), remote clients or other
> servers may not respond, and a new rule or dynamic rule is setup.
> turning this to 0 seemed to help.
> 
> The effect (of having net.inet.ip.fw.dyn_keepalive=1) is that over
> time, hundreds of FIN_WAIT_2 tcp states occure. With some software,
> (vm-pop3d), it runs out of sockets, and I suspect the daemon does not
> know how to hadle this.
> 
> So do a:
> 
> sysctl net.inet.ip.fw.dyn_keepalive=0
> 
> and in about 10 minutes all FIN_WAIT_2 's dissappear. (well almost
> all).
> 
> I expect it virtually shut down dynamic rules too in ipfw, but I have
> been reading more and more that people are saying don't use dynamics
> on a busy site. Anyone care to comment.
> 
> -Grant

Hi Grant,

I have set sysctl net.inet.ip.fw.dyn_keepalive=0. But both FIN_WAIT_1
and FIN_WAIT_2 does not seem to disappear. Even now, my squid proxy box
shows:

15 CLOSE_WAIT
   5 CLOSING
2260 ESTABLISHED
2083 FIN_WAIT_1
 829 FIN_WAIT_2
 132 LAST_ACK
   5 LISTEN
  28 SYN_SENT
 177 TIME_WAIT
   1 been

Can you shed some light on this ?

Thanking you..

- -- 


With best regards and good wishes,

Yours sincerely,

Tek Bahadur Limbu

(TAG/TDG Group)
Jwl Systems Department

Worldlink Communications Pvt. Ltd.

Jawalakhel, Nepal

http://www.wlink.com.np
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQFF6V99VrOl+eVhOvYRAsf6AJ4tttOBTDoMcx/Cp1R/G9iAjUc/cQCfSnfQ
NXly6YRmPzjKbbppIroPtzs=
=2Z/B
-----END PGP SIGNATURE-----

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070303172857.2561b918.teklimbu>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact