nanog mailing list archives

Re: TCP time_wait and port exhaustion for servers


From: William Herrin <bill () herrin us>
Date: Wed, 5 Dec 2012 13:58:58 -0500

On Wed, Dec 5, 2012 at 12:09 PM, Ray Soucy <rps () maine edu> wrote:
> Like most web traffic, the majority of these connections open and
> close in under a second.  When we get to a point that there is enough
> traffic from users behind the proxy to be generating over 500 new
> outgoing connections per second, sustained, we start having users
> experience an error where there are no local ports available to Squid
> to use since they're all tied up in a TIME_WAIT state.
>
> Here is an example of netstat totals on a box we're seeing the behavior on:
>
> 481947 TIME_WAIT

Stupid question but how does 500 x 60 = 481947?  To have that many
connections in TIME_WAIT on a 60 second timer, you'd need more like
8000 connections per second, wouldn't you?

Regards,
Bill Herrin




-- 
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

