Help with to many open TCP sessions.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I am having a session problem with my hardware
firewall.  I believe it is because I have 10 linux
servers behind it.  The hardware firewall has a 128k
concurrent session maximum.

I tried turning down the keepalive and these

echo "net.ipv4.tcp_fin_timeout = 30" >>
/etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_time = 1800" >>
/etc/sysctl.conf
echo "net.ipv4.tcp_window_scaling = 0" >>
/etc/sysctl.conf
echo "net.ipv4.tcp_sack = 0" >> /etc/sysctl.conf
echo "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf


Ip:
    1095058 total packets received
    0 forwarded
    0 incoming packets discarded
    939742 incoming packets delivered
    1426602 requests sent out
    2 reassemblies required
    1 packets reassembled ok
Icmp:
    62 ICMP messages received
    0 input ICMP message failed.
    ICMP input histogram:
        destination unreachable: 12
        echo requests: 50
    13675 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
        destination unreachable: 13625
        echo replies: 50
Tcp:
    103522 active connections openings
    282 passive connection openings
    0 failed connection attempts
    528 connection resets received
    61 connections established
    1021085 segments received
    1348536 segments send out
    103958 segments retransmited
    106 bad segments received.
    163522 resets sent
Udp:
    59967 packets received
    13614 packets to unknown port received.
    0 packet receive errors
    75176 packets sent
TcpExt:
    ArpFilter: 0
    6192 TCP sockets finished time wait in fast timer
    50385 delayed acks sent
    4 delayed acks further delayed because of locked
socket
    Quick ack mode was activated 7418 times
    5 packets directly queued to recvmsg prequeue.
    2921 packets directly received from prequeue
    266564 packets header predicted
    TCPPureAcks: 202419
    TCPHPAcks: 286305
    TCPRenoRecovery: 18
    TCPSackRecovery: 0
    TCPSACKReneging: 0
    TCPFACKReorder: 0
    TCPSACKReorder: 0
    TCPRenoReorder: 0
    TCPTSReorder: 0
    TCPFullUndo: 0
    TCPPartialUndo: 0
    TCPDSACKUndo: 0
    TCPLossUndo: 11917
    TCPLoss: 0
    TCPLostRetransmit: 0
    TCPRenoFailures: 3138
    TCPSackFailures: 0
    TCPLossFailures: 4706
    TCPFastRetrans: 18
    TCPForwardRetrans: 0
    TCPSlowStartRetrans: 5239
    TCPTimeouts: 50596
    TCPRenoRecoveryFail: 4
    TCPSackRecoveryFail: 0
    TCPSchedulerFailed: 0
    TCPRcvCollapsed: 0
    TCPDSACKOldSent: 0
    TCPDSACKOfoSent: 0
    TCPDSACKRecv: 0
    TCPDSACKOfoRecv: 0
    TCPAbortOnSyn: 0
    TCPAbortOnData: 20780
    TCPAbortOnClose: 367
    TCPAbortOnMemory: 0
    TCPAbortOnTimeout: 4666
    TCPAbortOnLinger: 0
    TCPAbortFailed: 0
    TCPMemoryPressures: 0


Regards, 

Mike





	
		
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/ 
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux 802.1Q VLAN]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Git]     [Bugtraq]     [Yosemite News and Information]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux PCI]     [Linux Admin]     [Samba]

  Powered by Linux