Date: Fri, 14 Apr 2000 12:17:59 +0300 From: Ruslan Ermilov <ru@FreeBSD.org> To: brian@pocketscience.com, brian@FreeBSD.org, cmott@scientech.com, net@FreeBSD.org Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: bin/17963: NATD appears to memory leak when a connection fails from the internal network to the external network. Message-ID: <20000414121759.A37837@relay.ucb.crimea.ua> In-Reply-To: <200004130218.TAA12378@freefall.freebsd.org>; from brian@pocketscience.com on Wed, Apr 12, 2000 at 07:18:39PM -0700 References: <200004130218.TAA12378@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--ZGiS0Q5IWpPtfppv Content-Type: text/plain; charset=us-ascii On Wed, Apr 12, 2000 at 07:18:39PM -0700, brian@pocketscience.com wrote: > [...] > from an internal machine, make several network connections that get > dropped on the remote end (not denied, but connection timeouts) > Please try the following patch. It is for RELENG_3 (latest) sources. Extract patch to the currrent directory, then follow instructions: # mv ./p /tmp # cd /usr/src/lib/libalias # patch </tmp/p # make clean all install # build/install new library # cd /usr/src/sbin/natd # make clean all install # build/install natd with new library BACKGROUND The problem was that the TCP link's timeout was set to TCP_EXPIRE_CONNECTED (86400 secs) right after the first SYN from the client (or from the server for incoming connections). With this change, this huge timeout value will only be applied to ESTABLISHED connections, i.e. only after SYN was seen from both client and server side. TCP links corresponding to failed TCP connections (those which never receive neither SYN-ACK nor RST from server), will be dropped after TCP_EXPIRE_INITIAL (300 seconds) timeout. Cheers, -- Ruslan Ermilov Sysadmin and DBA of the ru@ucb.crimea.ua United Commercial Bank, ru@FreeBSD.org FreeBSD committer, +380.652.247.647 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --ZGiS0Q5IWpPtfppv Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=p Index: alias_db.c =================================================================== RCS file: /usr/FreeBSD-CVS/src/lib/libalias/alias_db.c,v retrieving revision 1.10.2.5 diff -u -p -r1.10.2.5 alias_db.c --- alias_db.c 1999/12/21 00:04:09 1.10.2.5 +++ alias_db.c 2000/04/14 08:34:44 @@ -1538,22 +1538,19 @@ SetStateIn(struct alias_link *link, int /* TCP input state */ switch (state) { case ALIAS_TCP_STATE_DISCONNECTED: - if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED) { + if (link->data.tcp->state.out != ALIAS_TCP_STATE_CONNECTED) link->expire_time = TCP_EXPIRE_DEAD; - } else { + else link->expire_time = TCP_EXPIRE_SINGLEDEAD; - } - link->data.tcp->state.in = state; break; case ALIAS_TCP_STATE_CONNECTED: - link->expire_time = TCP_EXPIRE_CONNECTED; - /*FALLTHROUGH*/ - case ALIAS_TCP_STATE_NOT_CONNECTED: - link->data.tcp->state.in = state; + if (link->data.tcp->state.out == ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_CONNECTED; break; default: abort(); } + link->data.tcp->state.in = state; } @@ -1563,22 +1560,19 @@ SetStateOut(struct alias_link *link, int /* TCP output state */ switch (state) { case ALIAS_TCP_STATE_DISCONNECTED: - if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED) { + if (link->data.tcp->state.in != ALIAS_TCP_STATE_CONNECTED) link->expire_time = TCP_EXPIRE_DEAD; - } else { + else link->expire_time = TCP_EXPIRE_SINGLEDEAD; - } - link->data.tcp->state.out = state; break; case ALIAS_TCP_STATE_CONNECTED: - link->expire_time = TCP_EXPIRE_CONNECTED; - /*FALLTHROUGH*/ - case ALIAS_TCP_STATE_NOT_CONNECTED: - link->data.tcp->state.out = state; + if (link->data.tcp->state.in == ALIAS_TCP_STATE_CONNECTED) + link->expire_time = TCP_EXPIRE_CONNECTED; break; default: abort(); } + link->data.tcp->state.out = state; } --ZGiS0Q5IWpPtfppv-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000414121759.A37837>