Portrange randomized problems - a little bit more info...

Pete French petefrench at keithprowse.com
Fri Jun 11 14:04:31 GMT 2004


O.K., I have been doing a lot of testing with this, though have not yet
managed to generate a lot of useful data sadly.

To summarise - with net.inet.ip.portrange.randomized set to 1 I
am seeing failures of mysql connections from a machine back to a server
on the same machine. These happen rarely, but are freqnet enough that
on a webserver I am seeing a handful every hour.

The effect is real - if I disable net.inet.ip.portrange.randomized then
it goes away completely. I have now tried this on a number of different
machines with different configurations, and all of them give the same
results. The error appears to be tthat the TCP socket cannot
connect.

I have several webservers here which are load balanced so they are all
taking an equal share of the incomming requests. If I enable the
randomisation on one of them and compare netstat -n outout what I see
is that the randomised machine has far more of the mysql connecions
stuck in the TIME_WAIT state. Foir example I just did a snapshot
under very light load - there are 64 connections in that state on the
randomised webserver, comapred to 3 on the non-randomised one.

Does this help track down the problem at all ? Although turning off
the randomisation is a workable workaround, I am concerned that this is the
symptom of some rather more fundamental bug in the TCP code.

-pcf.


More information about the freebsd-stable mailing list