Henrik, Adam, Alex,

Thank you for your advice. I appreciate that.

In the last few days, I was investigating the peer packets of FIN/ACK and ACK. I found a little bit strange behavior. When peer clients use TIMESTAMP of TCP option, TIME_WAIT is always clear after Linux that running on get ack packet against FIN/ACK. According to the Linux source it's normal process. Since peer doesn't use TIMESTAMP, Linux that running on doesn't release TIME_WAIT soon.

If HTTP clients don't use TIMESTAMP option as Windows machine, leaving many TIME_WAIT connections will be our conclusion. That's sort of specification for our Linux.

Thanks a lot,
Seiji

-----Original Message-----
From: Alex Rousskov [mailto:rousskov@xxxxxxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, February 27, 2008 1:42 PM
To: S.KOBAYASHI
Cc: 'Squid Users'
Subject: RE: I want to purge too many TIME_WAITs immediately after closing HTTP port.

On Tue, 2008-02-26 at 08:53 +0900, S.KOBAYASHI wrote:

> My http emulator can send the HTTP packet very fast, so most of squid listen
> ports being full in 30 seconds without keep alive, finally http client are
> refused to connect from the squid( OS ).
> Do you know any other ideas?
> Did anyone have same experience ?

If your actual problem is on the client side as Henrik indicated, then you can try Web Polygraph (www.web-polygraph.org). Polygraph can use thousands of source IP addresses to have a larger source IP:port space.

HTH,

Alex.

> -----Original Message-----
> From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx]
> Sent: Tuesday, February 26, 2008 5:11 AM
> To: S.KOBAYASHI
> Cc: 'Squid Users'
> Subject: Re: I want to purge too many TIME_WAITs
> immediately after closing HTTP port.
>
>
> Mon 2008-02-25 at 17:59 +0900, S.KOBAYASHI wrote:
> > Hello there,
> >
> > I have a bit problem while majoring the squid performance now.
> > There are many TIME_WAIT connections left on the squid port by using high
> > performance http client machine, and then the next connection can not
> > connect the squid. The client machine has capability to send up to 10,000
> > req/s.
>
> Why do you consider the TIME_WAIT as such to be a problem? There is no
> significant problem to have some hundreds of thousand TIME_WAIT sockets
> on a server port. They only consume a little bit of memory each (some
> hundreds bytes).
>
> > I tried to change Linux machine's some parameters as below.
> >
> > sysctl -w net.ipv4.tcp_tw_recycle=1
>
> This often has a negative impact.
>
> > sysctl -w net.ipv4.tcp_max_tw_buckets=50000
>
> This will reduce the number of TIME_WAIT sockets to at most 50000, but
> will also make the TCP/IP stack no longer conform to specifications and
> bad things may happen to legitimate traffic from this.
>
> > sysctl -w net.ipv4.tcp_fin_timeout=1
>
> Having this too low may cause a little problem to clients accessing
> certain sites incompatible with persistent connections. May result in
> connections hanging and never completing in the view of the client.
>
> > Does anyone know how to purge the TIME_WAIT connections immediately?
>
> You do not want to do that. Proper TCP/IP depends on TIME_WAIT.
>
> > The machine running the squid has 16GB memory, the fastest CPU and running
> > on 64 bit mode.
>
> So I don't think you need to worry at all about the sockets when they
> have reached the TIME_WAIT state.
>
> Regards
> Henrik
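
Added example, not part of the original messages: one way to measure what the thread describes, by counting TIME_WAIT sockets per client IP and local port from the Linux `/proc/net/tcp` table. The sample table is constructed, and the listening port 3128 and the 10.0.0.x addresses in it are assumptions for illustration.

```python
"""Count TIME_WAIT sockets per (remote IP, local port) from /proc/net/tcp text."""
import socket
import struct
from collections import Counter

TCP_TIME_WAIT = 0x06  # value Linux prints in the "st" column for TIME_WAIT

# Constructed sample in /proc/net/tcp layout. IPv4 addresses are little-endian
# hex, ports are big-endian hex (0C38 = 3128, an assumed proxy port).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0C38 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0A00000A:0C38 1400000A:C001 06 00000000:00000000 03:00000E10 00000000     0        0 0 3
   2: 0A00000A:0C38 1400000A:C002 06 00000000:00000000 03:00000E10 00000000     0        0 0 3
   3: 0A00000A:0C38 1500000A:C003 06 00000000:00000000 03:00000E10 00000000     0        0 0 3
   4: 0A00000A:0C38 1400000A:C004 01 00000000:00000000 00:00000000 00000000    23        0 1002 1
"""


def decode(addr):
    """Turn 'HEXIP:HEXPORT' into ('a.b.c.d', port)."""
    ip_hex, port_hex = addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def time_wait_by_peer(text):
    """Return Counter keyed by (remote_ip, local_port) for TIME_WAIT rows only."""
    counts = Counter()
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != TCP_TIME_WAIT:
            continue
        _, local_port = decode(fields[1])
        remote_ip, _ = decode(fields[2])
        counts[(remote_ip, local_port)] += 1
    return counts


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # live table on a Linux host
            table = fh.read()
    except OSError:
        table = SAMPLE  # fall back to the constructed sample
    for (ip, port), n in time_wait_by_peer(table).most_common(10):
        print(f"{n:7d} TIME_WAIT  peer={ip}  local_port={port}")
```

A single peer IP with a very large count on one local port matches the load-generator case in the thread, where the client's source IP:port space is what runs out.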