From owner-freebsd-questions@FreeBSD.ORG Sun Mar 4 07:43:37 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3047616A4C7 for ; Sun, 4 Mar 2007 07:43:37 +0000 (UTC) (envelope-from teklimbu@wlink.com.np) Received: from smtp5.wlink.com.np (smtp5.wlink.com.np [202.79.32.52]) by mx1.freebsd.org (Postfix) with SMTP id 3DD8513C491 for ; Sun, 4 Mar 2007 07:43:34 +0000 (UTC) (envelope-from teklimbu@wlink.com.np) Received: (qmail 14609 invoked from network); 4 Mar 2007 07:43:31 -0000 Received: from unknown (HELO smtp1.wlink.com.np) (202.79.32.76) by 0 with SMTP; 4 Mar 2007 07:43:31 -0000 Received: (qmail 11468 invoked by uid 98); 4 Mar 2007 07:43:31 -0000 Received: from 202.79.36.216 by smtp1.wlink.com.np (envelope-from , uid 1009) with qmail-scanner-1.25 (clamdscan: 0.88.4/2205. Clear:RC:1(202.79.36.216):. Processed in 0.078968 secs); 04 Mar 2007 07:43:31 -0000 X-Qmail-Scanner-Mail-From: teklimbu@wlink.com.np via smtp1.wlink.com.np X-Qmail-Scanner: 1.25 (Clear:RC:1(202.79.36.216):. Processed in 0.078968 secs) Received: from [202.79.36.216] (HELO teklimbu.wlink.com.np) by smtp1.wlink.com.np (qmail-smtpd) with SMTP; 04 Mar 2007 07:43:28 -0000 (Sun, 04 Mar 2007 13:28:28 +0545) Received: from teklimbu.wlink.com.np ([202.79.36.216]) by teklimbu.wlink.com.np with smtp (Exim 4.66) (envelope-from ) id 1HNlNI-000MFy-0A; Sun, 04 Mar 2007 13:28:20 +0545 Date: Sun, 4 Mar 2007 13:28:14 +0545 From: Tek Bahadur Limbu To: Grant Peel Message-Id: <20070304132814.e959303e.teklimbu@wlink.com.np> In-Reply-To: <004801c75d91$f809ee70$6501a8c0@GRANT> References: <00aa01c758c6$f8dadb90$6501a8c0@GRANT> <20070225193804.19bc9280.teklimbu@wlink.com.np> <00d501c759b8$b7dc4870$6501a8c0@GRANT> <20070303172857.2561b918.teklimbu@wlink.com.np> <004801c75d91$f809ee70$6501a8c0@GRANT> Organization: Worldlink Communications Pvt. Ltd. X-Mailer: Sylpheed version 2.2.0 (GTK+ 2.8.12; i386-portbld-freebsd6.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Check-By: smtp1.wlink.com.np Spam: No ; 0.3 / 7.0 X-Spam-Status-WL: No, hits=0.3 required=7.0 Cc: freebsd-questions@freebsd.org Subject: Re: Fw: FIN_WAIT_2 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Mar 2007 07:43:37 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 3 Mar 2007 07:46:31 -0500 "Grant Peel" wrote: > Do you have ipfw or other firewall running? > > Did you restart the network? > > -Grant Hi Grant, Yes I do have IPFW running. Well I did not restart the network interface of my NIC card. > > ----- Original Message ----- > From: "Tek Bahadur Limbu" > To: "Grant Peel" > Cc: > Sent: Saturday, March 03, 2007 6:43 AM > Subject: Re: Fw: FIN_WAIT_2 > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On Mon, 26 Feb 2007 10:13:49 -0500 > > "Grant Peel" wrote: > > > >> Hi All, > >> > >> I have done some research ... > >> > >> It appears that inn certain conditions, when the > >> net.inet.ip.fw.dyn_keepalive=1 (sysctl), remote clients or other > >> servers may not respond, and a new rule or dynamic rule is setup. > >> turning this to 0 seemed to help. > >> > >> The effect (of having net.inet.ip.fw.dyn_keepalive=1) is that over > >> time, hundreds of FIN_WAIT_2 tcp states occure. With some software, > >> (vm-pop3d), it runs out of sockets, and I suspect the daemon does > >> not know how to hadle this. > >> > >> So do a: > >> > >> sysctl net.inet.ip.fw.dyn_keepalive=0 > >> > >> and in about 10 minutes all FIN_WAIT_2 's dissappear. (well almost > >> all). > >> > >> I expect it virtually shut down dynamic rules too in ipfw, but I > >> have been reading more and more that people are saying don't use > >> dynamics on a busy site. Anyone care to comment. > >> > >> -Grant > > > > Hi Grant, > > > > I have set sysctl net.inet.ip.fw.dyn_keepalive=0. But both > > FIN_WAIT_1 and FIN_WAIT_2 does not seem to disappear. Even now, my > > squid proxy box shows: > > > > 15 CLOSE_WAIT > > 5 CLOSING > > 2260 ESTABLISHED > > 2083 FIN_WAIT_1 > > 829 FIN_WAIT_2 > > 132 LAST_ACK > > 5 LISTEN > > 28 SYN_SENT > > 177 TIME_WAIT > > 1 been > > > > Can you shed some light on this ? > > > > Thanking you.. > > > > - -- > > > > > > With best regards and good wishes, > > > > Yours sincerely, > > > > Tek Bahadur Limbu > > > > (TAG/TDG Group) > > Jwl Systems Department > > > > Worldlink Communications Pvt. Ltd. > > > > Jawalakhel, Nepal > > > > http://www.wlink.com.np > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.2.2 (FreeBSD) > > > > iD8DBQFF6V99VrOl+eVhOvYRAsf6AJ4tttOBTDoMcx/Cp1R/G9iAjUc/cQCfSnfQ > > NXly6YRmPzjKbbppIroPtzs= > > =2Z/B > > -----END PGP SIGNATURE----- > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFF6niSVrOl+eVhOvYRAseoAJ9sES87uREtTLQ9jSOs34H71o0edwCdGhwu jx0zuHI9iuLkKuiBlSRvJ1k= =nZ6y -----END PGP SIGNATURE-----