From owner-freebsd-questions@FreeBSD.ORG  Sat Mar  3 11:44:13 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id CCAAD16A400
	for <freebsd-questions@freebsd.org>;
	Sat,  3 Mar 2007 11:44:13 +0000 (UTC)
	(envelope-from teklimbu@wlink.com.np)
Received: from smtp5.wlink.com.np (smtp5.wlink.com.np [202.79.32.52])
	by mx1.freebsd.org (Postfix) with SMTP id DBF1E13C474
	for <freebsd-questions@freebsd.org>;
	Sat,  3 Mar 2007 11:44:11 +0000 (UTC)
	(envelope-from teklimbu@wlink.com.np)
Received: (qmail 23356 invoked from network); 3 Mar 2007 11:44:08 -0000
Received: from unknown (HELO smtp1.wlink.com.np) (202.79.32.76)
	by 0 with SMTP; 3 Mar 2007 11:44:08 -0000
Received: (qmail 25376 invoked by uid 98); 3 Mar 2007 11:44:08 -0000
Received: from 202.79.36.216 by smtp1.wlink.com.np (envelope-from
	<teklimbu@wlink.com.np>, uid 1009) with qmail-scanner-1.25 
	(clamdscan: 0.88.4/2205.  Clear:RC:1(202.79.36.216):. 
	Processed in 0.024683 secs); 03 Mar 2007 11:44:08 -0000
X-Qmail-Scanner-Mail-From: teklimbu@wlink.com.np via smtp1.wlink.com.np
X-Qmail-Scanner: 1.25 (Clear:RC:1(202.79.36.216):. Processed in 0.024683 secs)
Received: from [202.79.36.216] (HELO teklimbu.wlink.com.np) by
	smtp1.wlink.com.np (qmail-smtpd) with SMTP;
	03 Mar 2007 11:44:05 -0000 (Sat, 03 Mar 2007 17:29:05 +0545)
Received: from teklimbu.wlink.com.np ([202.79.36.216])	by
	teklimbu.wlink.com.np with smtp (Exim 4.66)	(envelope-from
	<teklimbu@wlink.com.np>)	id 1HNSeg-0009fO-Cs;
	Sat, 03 Mar 2007 17:29:02 +0545
Date: Sat, 3 Mar 2007 17:28:57 +0545
From: Tek Bahadur Limbu <teklimbu@wlink.com.np>
To: Grant Peel <gpeel@thenetnow.com>
Message-Id: <20070303172857.2561b918.teklimbu@wlink.com.np>
In-Reply-To: <00d501c759b8$b7dc4870$6501a8c0@GRANT>
References: <00aa01c758c6$f8dadb90$6501a8c0@GRANT>	<20070225193804.19bc9280.teklimbu@wlink.com.np>	<00d501c759b8$b7dc4870$6501a8c0@GRANT>
Organization: Worldlink Communications Pvt. Ltd.
X-Mailer: Sylpheed version 2.2.0 (GTK+ 2.8.12; i386-portbld-freebsd6.1)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Check-By: smtp1.wlink.com.np
Spam: No ; 0.3 / 7.0
X-Spam-Status-WL: No, hits=0.3 required=7.0
Cc: freebsd-questions@freebsd.org
Subject: Re: Fw: FIN_WAIT_2
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Mar 2007 11:44:13 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 26 Feb 2007 10:13:49 -0500
"Grant Peel" <gpeel@thenetnow.com> wrote:

> Hi All,
> 
> I have done some research ...
> 
> It appears that inn certain conditions, when the 
> net.inet.ip.fw.dyn_keepalive=1 (sysctl), remote clients or other
> servers may not respond, and a new rule or dynamic rule is setup.
> turning this to 0 seemed to help.
> 
> The effect (of having net.inet.ip.fw.dyn_keepalive=1) is that over
> time, hundreds of FIN_WAIT_2 tcp states occure. With some software,
> (vm-pop3d), it runs out of sockets, and I suspect the daemon does not
> know how to hadle this.
> 
> So do a:
> 
> sysctl net.inet.ip.fw.dyn_keepalive=0
> 
> and in about 10 minutes all FIN_WAIT_2 's dissappear. (well almost
> all).
> 
> I expect it virtually shut down dynamic rules too in ipfw, but I have
> been reading more and more that people are saying don't use dynamics
> on a busy site. Anyone care to comment.
> 
> -Grant

Hi Grant,

I have set sysctl net.inet.ip.fw.dyn_keepalive=0. But both FIN_WAIT_1
and FIN_WAIT_2 does not seem to disappear. Even now, my squid proxy box
shows:

15 CLOSE_WAIT
   5 CLOSING
2260 ESTABLISHED
2083 FIN_WAIT_1
 829 FIN_WAIT_2
 132 LAST_ACK
   5 LISTEN
  28 SYN_SENT
 177 TIME_WAIT
   1 been

Can you shed some light on this ?

Thanking you..

- -- 


With best regards and good wishes,

Yours sincerely,

Tek Bahadur Limbu

(TAG/TDG Group)
Jwl Systems Department

Worldlink Communications Pvt. Ltd.

Jawalakhel, Nepal

http://www.wlink.com.np
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQFF6V99VrOl+eVhOvYRAsf6AJ4tttOBTDoMcx/Cp1R/G9iAjUc/cQCfSnfQ
NXly6YRmPzjKbbppIroPtzs=
=2Z/B
-----END PGP SIGNATURE-----