lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20101202230245.GA29279@1wt.eu>
Date:	Fri, 3 Dec 2010 00:02:45 +0100
From:	Willy Tarreau <w@....eu>
To:	Stephane Bakhos <nuitari@...tari.net>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: PROBLEM: Infinite listens for haproxy in /proc/net/tcp

Hi,

On Thu, Dec 02, 2010 at 01:18:36PM -0500, Stephane Bakhos wrote:
> This happens whether the file is read directly, or using netstat.
> It looks like haproxy has millions of LISTEN.

I think what you see are not LISTEN sockets but mostly TIME_WAIT.

> We've tried to see if there is a definitive count, but after 20 minutes of 
> running cat /proc/net/tcp we gave up. This is an intermittent problem.

I've been used to experience this on systems which process connections
at higher rates than netstat can output them. Thus, during the time it
takes to netstat to output a given number of connections, new ones
manage to complete the list. I've not tested on 2.6.36 yet, but this
has basically always been the case for me for a very long time, and as
such, I only use ss to display connections. I've recently discovered
that some versions of netstat use netlink to dump the socket list, so
on such versions it would not be an issue.

> According to ss, there is about 5500 connections running on the system.

What normally counts is the rate at which they're refreshed.

Regards,
Willy

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ