Date: Mon, 7 May 2007 19:01:02 +0200 (CEST)
From: Oliver Fromme <olli@lurza.secnetix.de>
To: freebsd-stable@FreeBSD.ORG, scrappy@FreeBSD.ORG
Subject: Re: Socket leak (Was: Re: What triggers "No Buffer Space) Available"?
Message-ID: <200705071701.l47H12JJ034015@lurza.secnetix.de>
In-Reply-To: <D2A2BB0F2857DF90BFC07305@ganymede.hub.org>

Marc G. Fournier wrote:
> Now, that makes sense to me, I can understand that ... but, how would
> that look as far as netstat -nA shows? Or, would it? For example, I
> have:

You should use "-na" to list all sockets, not "-nA".

> mars# netstat -nA | grep c9655a20
> c9655a20 stream 0 0 0 c95d63f0 0 0
> c95d63f0 stream 0 0 0 c9655a20 0 0
> mars# netstat -nA | grep c95d63f0
> c9655a20 stream 0 0 0 c95d63f0 0 0
> c95d63f0 stream 0 0 0 c9655a20 0 0
>
> They are attached to each other, but there appears to be no 'referencing
> process'

netstat doesn't show processes at all (sockstat, fstat and
lsof list sockets by processes). The sockets above are
probably from a socketpair(2) or a pipe (which is implemented
with socketpair(2), AFAIK). That's perfectly normal.

If I remember correctly, you wrote that 11k sockets are
in use with 90 jails. That's about 120 sockets per jail,
which isn't out of the ordinary. Of course it depends on
what is running in those jails, but my guess is that you
just need to increase the limit on the number of sockets
(i.e. kern.ipc.maxsockets).

> Again, if I'm reading / understanding things right, without the 'referencing
> process', it won't show up in sockstat -u, which is why my netstat -nA numbers
> keep growing, but sockstat -u numbers don't ... which also means that there is
> no way to figure out what process / program is leaving 'dangling sockets'? :(

Be careful here, sockstat's output is process-based and
lists sockets multiple times. For example, the server
sockets that httpd children inherit from their parent
are listed for every single child, while you see it only
once in the netstat output. On the other hand, sockstat
doesn't show sockets that have been closed and are in
TIME_WAIT state or similar.

Are you sure that UNIX domain sockets are causing the
problem? Can you rule out other sockets (e.g. tcp)?
In that case you should run "netstat -funix" to list
only UNIX domain sockets (basically the same as the -u
option to sockstat).

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Munich registry court, HRA 74606, Management:
secnetix Verwaltungsgesellsch. mbH, Commercial register: Munich registry
court, HRB 125758, Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more: http://www.secnetix.de/bsd

$ dd if=/dev/urandom of=test.pl count=1
$ file test.pl
test.pl: perl script text executable
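
An added example, not part of the message above: a small filter that tallies UNIX domain socket rows from `netstat -nA`-style output and separates mutually connected pairs (like the two rows quoted in the message) from the rest. The column positions (field 1 = socket address, field 2 = type, field 6 = Conn) are assumed from the quoted rows; the function names and every sample row other than those two are constructed.

```shell
#!/bin/sh
# Added example: tally UNIX domain socket rows from `netstat -nA`-style output.
# Assumed layout (from the rows quoted in the message):
#   $1 = socket address, $2 = type, $6 = Conn (peer address, 0 if none)

summarize_unix_sockets() {
    awk '
        # Keep only data rows: hex address in field 1, socket type in field 2.
        $1 ~ /^[0-9a-f]+$/ && $2 ~ /^(stream|dgram|seqpacket)$/ {
            conn[$1] = $6
            total++
        }
        END {
            for (a in conn) {
                p = conn[a]
                if (p == "0")
                    unconnected++        # no peer recorded
                else if ((p in conn) && conn[p] == a)
                    paired++             # peer points back: socketpair-style link
                else
                    oneway++             # Conn set, peer absent or not pointing back
            }
            printf "total=%d paired=%d oneway=%d unconnected=%d\n",
                   total, paired, oneway, unconnected
        }'
}

# Constructed sample input. Only the two c9655a20/c95d63f0 rows come from
# the message; the header and the other rows are made up for illustration.
sample_rows() {
    cat <<'EOF'
Address  Type   Recv-Q Send-Q    Inode     Conn     Refs  Nextref Addr
c9655a20 stream      0      0        0 c95d63f0        0        0
c95d63f0 stream      0      0        0 c9655a20        0        0
c1111110 dgram       0      0        0 c2222220        0        0
c2222220 dgram       0      0 c3333330        0 c1111110        0 /constructed/log
c4444440 stream      0      0 c5555550        0        0        0 /constructed/listen.sock
EOF
}

# On a live FreeBSD host the input would instead be: netstat -nA -funix
sample_rows | summarize_unix_sockets
```

Running the filter at intervals and comparing the `total` figure against kern.ipc.maxsockets shows how fast the count grows and which category accounts for the growth.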