I doubt you need to use SO_KEEPALIVE. A couple of observations:
1. If you have ESTABLISHED state connections on one end that are not
in the same state on the peer, that would indicate something broken in the
network or the stack, rather than in the DS.
2. The DS already has connection timeout features that you can enable:
http://osdir.com/ml/redhat.fedora.directory.user/2006-04/msg00131.html
Gordon Messmer wrote:
This morning I noticed that one of my directory servers has hundreds
of "ESTABLISHED" connections from a coworker's Linux host. The
directory server is running RHEL4, kernel 2.6.9-55.ELsmp, and
tcp_keepalive_time is set to 600. The client no longer shows an
ESTABLISHED connection on the port that is reported by netstat on the
directory server. It reports less than ten open connections.
I'm not sure whether or not an intermediary firewall is doing
something bad, but I expected that the directory server would use
setsockopt() to set SO_KEEPALIVE on its connections so that it could
detect connections that die off. After 600 seconds of inactivity, the
server should start sending probes, and then notify ns-slapd that the
connection is closed.
I'm not sure how I might filter keepalive packets with tcpdump, so I'm
not sure if I can verify that they're being used with that tool. Can
anyone identify the code that *should* be setting SO_KEEPALIVE on the
sockets, or otherwise speculate on why they might not be working?
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
