Date: Sat, 3 Mar 2007 07:46:31 -0500 From: "Grant Peel" <gpeel@thenetnow.com> To: "Tek Bahadur Limbu" <teklimbu@wlink.com.np> Cc: freebsd-questions@freebsd.org Subject: Re: Fw: FIN_WAIT_2 Message-ID: <004801c75d91$f809ee70$6501a8c0@GRANT> References: <00aa01c758c6$f8dadb90$6501a8c0@GRANT> <20070225193804.19bc9280.teklimbu@wlink.com.np> <00d501c759b8$b7dc4870$6501a8c0@GRANT> <20070303172857.2561b918.teklimbu@wlink.com.np>
next in thread | previous in thread | raw e-mail | index | archive | help
Do you have ipfw or other firewall running? Did you restart the network? -Grant ----- Original Message ----- From: "Tek Bahadur Limbu" <teklimbu@wlink.com.np> To: "Grant Peel" <gpeel@thenetnow.com> Cc: <freebsd-questions@freebsd.org> Sent: Saturday, March 03, 2007 6:43 AM Subject: Re: Fw: FIN_WAIT_2 > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 26 Feb 2007 10:13:49 -0500 > "Grant Peel" <gpeel@thenetnow.com> wrote: > >> Hi All, >> >> I have done some research ... >> >> It appears that inn certain conditions, when the >> net.inet.ip.fw.dyn_keepalive=1 (sysctl), remote clients or other >> servers may not respond, and a new rule or dynamic rule is setup. >> turning this to 0 seemed to help. >> >> The effect (of having net.inet.ip.fw.dyn_keepalive=1) is that over >> time, hundreds of FIN_WAIT_2 tcp states occure. With some software, >> (vm-pop3d), it runs out of sockets, and I suspect the daemon does not >> know how to hadle this. >> >> So do a: >> >> sysctl net.inet.ip.fw.dyn_keepalive=0 >> >> and in about 10 minutes all FIN_WAIT_2 's dissappear. (well almost >> all). >> >> I expect it virtually shut down dynamic rules too in ipfw, but I have >> been reading more and more that people are saying don't use dynamics >> on a busy site. Anyone care to comment. >> >> -Grant > > Hi Grant, > > I have set sysctl net.inet.ip.fw.dyn_keepalive=0. But both FIN_WAIT_1 > and FIN_WAIT_2 does not seem to disappear. Even now, my squid proxy box > shows: > > 15 CLOSE_WAIT > 5 CLOSING > 2260 ESTABLISHED > 2083 FIN_WAIT_1 > 829 FIN_WAIT_2 > 132 LAST_ACK > 5 LISTEN > 28 SYN_SENT > 177 TIME_WAIT > 1 been > > Can you shed some light on this ? > > Thanking you.. > > - -- > > > With best regards and good wishes, > > Yours sincerely, > > Tek Bahadur Limbu > > (TAG/TDG Group) > Jwl Systems Department > > Worldlink Communications Pvt. Ltd. > > Jawalakhel, Nepal > > http://www.wlink.com.np > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2.2 (FreeBSD) > > iD8DBQFF6V99VrOl+eVhOvYRAsf6AJ4tttOBTDoMcx/Cp1R/G9iAjUc/cQCfSnfQ > NXly6YRmPzjKbbppIroPtzs= > =2Z/B > -----END PGP SIGNATURE----- > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004801c75d91$f809ee70$6501a8c0>