Fw: FIN_WAIT_2
Tek Bahadur Limbu
teklimbu at wlink.com.np
Sat Mar 3 11:44:13 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 26 Feb 2007 10:13:49 -0500
"Grant Peel" <gpeel at thenetnow.com> wrote:
> Hi All,
>
> I have done some research ...
>
> It appears that inn certain conditions, when the
> net.inet.ip.fw.dyn_keepalive=1 (sysctl), remote clients or other
> servers may not respond, and a new rule or dynamic rule is setup.
> turning this to 0 seemed to help.
>
> The effect (of having net.inet.ip.fw.dyn_keepalive=1) is that over
> time, hundreds of FIN_WAIT_2 tcp states occure. With some software,
> (vm-pop3d), it runs out of sockets, and I suspect the daemon does not
> know how to hadle this.
>
> So do a:
>
> sysctl net.inet.ip.fw.dyn_keepalive=0
>
> and in about 10 minutes all FIN_WAIT_2 's dissappear. (well almost
> all).
>
> I expect it virtually shut down dynamic rules too in ipfw, but I have
> been reading more and more that people are saying don't use dynamics
> on a busy site. Anyone care to comment.
>
> -Grant
Hi Grant,
I have set sysctl net.inet.ip.fw.dyn_keepalive=0. But both FIN_WAIT_1
and FIN_WAIT_2 does not seem to disappear. Even now, my squid proxy box
shows:
15 CLOSE_WAIT
5 CLOSING
2260 ESTABLISHED
2083 FIN_WAIT_1
829 FIN_WAIT_2
132 LAST_ACK
5 LISTEN
28 SYN_SENT
177 TIME_WAIT
1 been
Can you shed some light on this ?
Thanking you..
- --
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
(TAG/TDG Group)
Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal
http://www.wlink.com.np
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)
iD8DBQFF6V99VrOl+eVhOvYRAsf6AJ4tttOBTDoMcx/Cp1R/G9iAjUc/cQCfSnfQ
NXly6YRmPzjKbbppIroPtzs=
=2Z/B
-----END PGP SIGNATURE-----
More information about the freebsd-questions
mailing list