RE: [squid-users] I want to purge too many TIME_WAITsimmediatelyafter closing HTTP port.

Henrik, Adam, Alex,
Thank you for your advice. I appreciate that.

In the last few days, I was investigating the peer packets of FIN/ACK and
ACK.
I found a little bit strange behavior. When peer clients use TIMESTAMP of
TCP option, TIME_WAIT is always clear after linux that running on get ack
packet against FIN/ACK. According to the Linux source it's normal process.
Since peer doesn't use TIMESTAMP, Linux that running on doesn't release
TIME_WAIT soon.
If HTTP clients don't use TIMESTAMP option as Windows machine, leaving many
TIME_WAIT connections will be our conclusion. That's sort of specification
for our Linux.

Thanks a lot,

Seiji

-----Original Message-----
From: Alex Rousskov [mailto:rousskov@measurement-factory.com]
Sent: Wednesday, February 27, 2008 1:42 PM
To: S.KOBAYASHI
Cc: 'Squid Users'
Subject: RE: [squid-users] I want to purge too many
TIME_WAITsimmediatelyafter closing HTTP port.

On Tue, 2008-02-26 at 08:53 +0900, S.KOBAYASHI wrote:

> My http emulater can send the HTTP packet very fast, so most of squid
listen
> ports being full in 30 seconds without keep alive, finally http client are
> refused to connect from the squid( OS ).

> Do you know any other ideas?
> Did anyone have same experience ?

If your actual problem is one the client side as Henrik indicated, then
you can try Web Polygraph (www.web-polygraph.org). Polygraph can use
thousands of source IP addresses to have a larger source IP:port space.

HTH,

Alex.

> -----Original Message-----
> From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
> Sent: Tuesday, February 26, 2008 5:11 AM
> To: S.KOBAYASHI
> Cc: 'Squid Users'
> Subject: Re: [squid-users] I want to purge too many TIME_WAITs
> immediatelyafter closing HTTP port.
>
>
> mån 2008-02-25 klockan 17:59 +0900 skrev S.KOBAYASHI:
> > Hello there,
> >
> > I have a bit problem while majoring the squid performance now.
> > There are many TIME_WAIT connections left on the squid port by using
high
> > performance http client machine, and then the next connection can not
> > connect the squid. The client machine has capability to send up to
10,000
> > req/s.
>
> Why do you consider the TIME_WAIT as such to be a problem? There is no
> significant problem to have some hundreds of thousand TIME_WAIT sockets
> on a server port. They only consume a little bit of memory each (some
> hundreds bytes).
>
> > I tried to change Linux machine's some parameters as bellow.
> >
> > sysctl -w net.ipv4.tcp_tw_recycle=1
>
> This often have a negative impact.
>
> > sysctl -w net.ipv4.tcp_max_tw_buckets=50000
>
> This will reduce the number of TIME_WAIT sockets to at most 50000, but
> will also make the TCP/IP stack no longer conform to specifications and
> bad things may happen to legitime traffic from this.
>
> > sysctl -w net.ipv4.tcp_fin_timeout=1
>
> Having this too low may cause a little problem to clients accessing
> certain sites incompatible with persistent connections. May result in
> connections hanging and never completing in the view of the client.
>
> > Does anyone know how to purge the TIME_WAIT connections immediately?
>
> You do not want to do that. Proper TCP/IP depends on TIME_WAIT.
>
> > The machine running the squid has 16GB memory, the fastest CPU and
running
> > on 64 bit mode.
>
> So I don't think you need to worry at all about the sockets when they
> have reached the TIME_WAIT state.
>
> Regards
> Henrik
>
>
Received on Thu Feb 28 2008 - 00:52:17 MST