Date: Sun, 4 Mar 2007 13:28:14 +0545 From: Tek Bahadur Limbu <teklimbu@wlink.com.np> To: Grant Peel <gpeel@thenetnow.com> Cc: freebsd-questions@freebsd.org Subject: Re: Fw: FIN_WAIT_2 Message-ID: <20070304132814.e959303e.teklimbu@wlink.com.np> In-Reply-To: <004801c75d91$f809ee70$6501a8c0@GRANT> References: <00aa01c758c6$f8dadb90$6501a8c0@GRANT> <20070225193804.19bc9280.teklimbu@wlink.com.np> <00d501c759b8$b7dc4870$6501a8c0@GRANT> <20070303172857.2561b918.teklimbu@wlink.com.np> <004801c75d91$f809ee70$6501a8c0@GRANT>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 3 Mar 2007 07:46:31 -0500 "Grant Peel" <gpeel@thenetnow.com> wrote: > Do you have ipfw or other firewall running? > > Did you restart the network? > > -Grant Hi Grant, Yes I do have IPFW running. Well I did not restart the network interface of my NIC card. > > ----- Original Message ----- > From: "Tek Bahadur Limbu" <teklimbu@wlink.com.np> > To: "Grant Peel" <gpeel@thenetnow.com> > Cc: <freebsd-questions@freebsd.org> > Sent: Saturday, March 03, 2007 6:43 AM > Subject: Re: Fw: FIN_WAIT_2 > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On Mon, 26 Feb 2007 10:13:49 -0500 > > "Grant Peel" <gpeel@thenetnow.com> wrote: > > > >> Hi All, > >> > >> I have done some research ... > >> > >> It appears that inn certain conditions, when the > >> net.inet.ip.fw.dyn_keepalive=1 (sysctl), remote clients or other > >> servers may not respond, and a new rule or dynamic rule is setup. > >> turning this to 0 seemed to help. > >> > >> The effect (of having net.inet.ip.fw.dyn_keepalive=1) is that over > >> time, hundreds of FIN_WAIT_2 tcp states occure. With some software, > >> (vm-pop3d), it runs out of sockets, and I suspect the daemon does > >> not know how to hadle this. > >> > >> So do a: > >> > >> sysctl net.inet.ip.fw.dyn_keepalive=0 > >> > >> and in about 10 minutes all FIN_WAIT_2 's dissappear. (well almost > >> all). > >> > >> I expect it virtually shut down dynamic rules too in ipfw, but I > >> have been reading more and more that people are saying don't use > >> dynamics on a busy site. Anyone care to comment. > >> > >> -Grant > > > > Hi Grant, > > > > I have set sysctl net.inet.ip.fw.dyn_keepalive=0. But both > > FIN_WAIT_1 and FIN_WAIT_2 does not seem to disappear. Even now, my > > squid proxy box shows: > > > > 15 CLOSE_WAIT > > 5 CLOSING > > 2260 ESTABLISHED > > 2083 FIN_WAIT_1 > > 829 FIN_WAIT_2 > > 132 LAST_ACK > > 5 LISTEN > > 28 SYN_SENT > > 177 TIME_WAIT > > 1 been > > > > Can you shed some light on this ? > > > > Thanking you.. > > > > - -- > > > > > > With best regards and good wishes, > > > > Yours sincerely, > > > > Tek Bahadur Limbu > > > > (TAG/TDG Group) > > Jwl Systems Department > > > > Worldlink Communications Pvt. Ltd. > > > > Jawalakhel, Nepal > > > > http://www.wlink.com.np > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.2.2 (FreeBSD) > > > > iD8DBQFF6V99VrOl+eVhOvYRAsf6AJ4tttOBTDoMcx/Cp1R/G9iAjUc/cQCfSnfQ > > NXly6YRmPzjKbbppIroPtzs= > > =2Z/B > > -----END PGP SIGNATURE----- > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFF6niSVrOl+eVhOvYRAseoAJ9sES87uREtTLQ9jSOs34H71o0edwCdGhwu jx0zuHI9iuLkKuiBlSRvJ1k= =nZ6y -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070304132814.e959303e.teklimbu>