From owner-freebsd-net Fri May 14 5:32:30 1999 Delivered-To: freebsd-net@freebsd.org Received: from ns1.tu-graz.ac.at (ns1.tu-graz.ac.at [129.27.2.3]) by hub.freebsd.org (Postfix) with ESMTP id 9C111154B6 for ; Fri, 14 May 1999 05:31:55 -0700 (PDT) (envelope-from mkamm@fcggsg06.icg.tu-graz.ac.at) Received: from fcggsg06.icg.tu-graz.ac.at (fcggsg06.icg.tu-graz.ac.at [129.27.201.15]) by ns1.tu-graz.ac.at (8.8.6/8.8.6) with ESMTP id TAA12049; Fri, 9 Apr 1999 19:20:38 +0200 (MET DST) Received: (from mkamm@localhost) by fcggsg06.icg.tu-graz.ac.at (8.9.2/8.9.2) id TAA29204; Fri, 9 Apr 1999 19:20:27 +0200 (MDT) Date: Fri, 9 Apr 1999 19:20:27 +0200 (MDT) From: Martin Kammerhofer To: Julian Elischer Cc: Martin Kammerhofer , freebsd-net@FreeBSD.ORG Subject: Re: Coping with 1000s of W95 clients. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 8 Apr 1999, Julian Elischer wrote: > > Now when the server closes the > > connection after no further request came in for 15sec a FIN will be sent > > and acknowledged from the browser's OS. After that the server's TCP is in > > FIN_WAIT_2 state and the browser's in CLOSE_WAIT. > > This is unfortunatly ok, and indistinguishable from the case where > rsh (for example) has closed the input to a remote 'sort' (to allow it to Not quite. Rsh does only a shutdown(how=1) to signal EOF but continues reading. Apache eventually does a full close (after a short delay). While TCP states are the same in both cases rsh would still have the socket open and therefore the FDREF flag set on the socket. After a full close there is no descriptor to the socket left and CANT*MORE flags are both set. This does make a difference when input (other than a FIN only) arrives. Without FDREF (after full close) the connection will we RST by tcp_input(), otherwise input will be acknowledged and queued or discarded. (Input is discarded if SOCANTRCVMORE is set, but it's still acknowledged.) > > The problem is well known, those having installed apache from the FreeBSD > > ports collection can read about it in > > file:/usr/local/share/doc/apache/manual/misc/fin_wait_2.html . > > I don't have this unfortunatly.. > It's also available online on http://www.apache.org/docs/misc/fin_wait_2.html > > The easy solution to shorten FIN_WAIT_2 is simple: > > > > sysctl -w net.inet.tcp.keepintvl=27 > Making it even shorter should cause no problems. The 2MSL is set in finwait2 state only after a full close. In finwait2 our FIN is already acknowledged so the peer knows we are done with our output. If the FIN we are waiting for should arrive there's nobody (no process) who takes note of it. Only the socket is going to TIME_WAIT and times out to CLOSED after 2 MSL. Should there really more than a FIN arrive the connection will be RST anyway. Right know I don't see any problems setting finwait2idle to e.g. 10 sec. The only difference I see is, that those idling clients get RST instead of a last ack when they eventually close their socket. Martin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message