The following reply was made to PR os-solaris/3487; it has been noted by GNATS.
From: Georg Hessmann <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: os-solaris/3487: More and more daemons stuck in 'K' state Date: Fri, 4 Dec 1998 15:50:34 +0100 On Fri, Dec 04, 1998 at 01:55:30PM -0000, [EMAIL PROTECTED] wrote: > Synopsis: More and more daemons stuck in 'K' state > > State-Changed-From-To: open-feedback > State-Changed-By: lars > State-Changed-When: Fri Dec 4 05:55:29 PST 1998 > State-Changed-Why: > > Hmm... this looks like a Solaris bug to me. > PR#1190 mentions a similar problem > (see http://bugs.apache.org/index/full/1190). Yup, it sounds very similar. (Site note: On my sun is a oracle db too) Too bad that the story doesn't have a happy end. :) > Please make sure that you have the latest patch cluster > from Sun applied to your machine. I will ask my provider. > Please show me the relevant settings from your > configuration file (KeepAliveTimeout etc.). KeepAlive On MaxKeepAliveRequests 10 KeepAliveTimeout 10 It seems you can reproduce the bug with an easy telnet test on the host. > As a workaround you can try to turn off KeepAlive. At the moment I restart the server every hour. I really won't disable keep-alive... My provider has installed a 'tune' file for tcp. I will include it here. --------------- #!/sbin/sh # # /etc/rcS.d/S31your-tune -> /etc/init.d/your-tune # PATH=/usr/bin:/usr/sbin echo "Tuning Solaris TCP/IP for *internet servers*" # determine, if SunOS 5.6 (Solaris 2.6) or above is installed (care w/ 2.5.1!) osver=`uname -r | sed s/\\\.// | awk '{ print $1*10 }'` # determine, if patch 10358[123]-12 or above is installed (2.5.1: x86+Sparc) # if you are using Solaris < 2.5.1, you must modify this to suit your needs. # since /var is usually not yet mounted, we must look into the kernel module. patch=`strings -a /kernel/drv/tcp | egrep '10358[123]' | awk '{ print $4 }'` if [ -z "$patch" ]; then patch="0-0"; fi patch=`echo $patch | awk -F- '{ print $2*1 }'` # report your findings (for Solari < 2.6 only) /usr/ucb/echo -n " Checking version and patches: " if [ $osver -lt 560 ]; then if [ $patch -gt 0 ]; then /usr/ucb/echo -n "TCP patch pl-$patch found " if [ $patch -ge 12 ]; then echo "(good)" else echo "(too low)" fi else echo "TCP patch missing (bad)" fi else echo "Solaris 2.6 or above (good)" fi # connection Q: *INCREASE* if you suffer from SYN floods, or many drops... if [ $osver -ge 560 -o $patch -ge 12 ]; then # Solaris 2.6 *OR* patch 103582-12 or above applied # o DEFAULT(2.6:tcp_conn_req_max_q) = 128 # o DEFAULT(2.6:tcp_conn_req_max_q0) = 1024 echo " tuning separate connection queues" ndd -set /dev/tcp tcp_conn_req_max_q 1024 # 128 for restrictions ndd -set /dev/tcp tcp_conn_req_max_q0 10240 # 10240 for SYN floods else # Solaris 2.5.1 or below, no patch echo " tuning single connection queue" ndd -set /dev/tcp tcp_conn_req_max 1024 fi # retransmission timeouts # o DEFAULT(2.6:tcp_rexmit_interval_initial) = 3000 # o DEFAULT(2.6:tcp_rexmit_interval_min) = 200 # o DEFAULT(2.6:tcp_rexmit_interval_max) = 240000 # o DEFAULT(2.6:tcp_ip_abort_interval) = 480000 # o DEFAULT(2.6:tcp_ip_abort_cinterval) = 180000 echo " tuning timeouts" ndd -set /dev/tcp tcp_rexmit_interval_initial 3000 ndd -set /dev/tcp tcp_rexmit_interval_min 2000 ndd -set /dev/tcp tcp_rexmit_interval_max 240000 # RFC instead of 2MSL ndd -set /dev/tcp tcp_ip_abort_interval 600000 # 10 minutes before drop ndd -set /dev/tcp tcp_ip_abort_cinterval 60000 # 60 seconds to estab. conn. if [ $osver -ge 560 -o $patch -ge 15 ]; then # Solaris 2.6 *OR* patch 103582-15 or above applied # o DEFAULT(2.6:tcp_slow_start_initial) = 1 echo " tuning slow start bug/feature" ndd -set /dev/tcp tcp_slow_start_initial 2 fi # path MTU discovery, common timers # o DEFAULT(2.6:ip_ire_pathmtu_interval) = 600000 # o DEFAULT(2.6:tcp_keepalive_interval) = 7200000 # two hours # o DEFAULT(2.6:tcp_close_wait_interval) = 240000 # o DEFAULT(2.6:tcp_fin_wait_2_flush_interval) = 675000 echo " tuning pMTU discovery interval and common timers" ndd -set /dev/ip ip_ire_pathmtu_interval 600000 ndd -set /dev/tcp tcp_keepalive_interval 600000 # check every ten minutes ndd -set /dev/tcp tcp_close_wait_interval 60000 # 2MSL value, TIME_WAIT ndd -set /dev/tcp tcp_fin_wait_2_flush_interval 67500 # common parameters # o DEFAULT(2.6:tcp_smallest_anon_port) = 32768 # o DEFAULT(2.6:udp_smallest_anon_port) = 32768 # o DEFAULT(2.6:ip_icmp_err_interval) = 500 # o DEFAULT(2.6:ip_forward_src_routed) = 1 # o DEFAULT(2.6:ip_forward_directed_broadcasts) = 1 # o DEFAULT(2.6:ip_forwarding) = ( if > 1 ) ? 2 : 0 # o DEFAULT(2.6:ip_respond_to_echo_broadcast) = 1 echo " tuning misc. parameters" ndd -set /dev/tcp tcp_smallest_anon_port 8192 ndd -set /dev/udp udp_smallest_anon_port 8192 ndd -set /dev/ip ip_icmp_err_interval 0 ndd -set /dev/ip ip_forward_src_routed 0 # - uncomment, if you don't want to forward pings or other broadcasts # to the broadcast address(es) of your installed interface(s). ndd -set /dev/ip ip_forward_directed_broadcasts 0 # - uncomment, if you have multiple interfaces installed, but don't # want to act as a router (no forwarding). Reasonable for most hosts. ndd -set /dev/ip ip_forwarding 0 # - uncomment, if you don't want to respond to a ping to any of your # broadcast addresses. Beware, it is a valid response, and often used # to determine the UP'n'RUNNING hosts on a particular network. #ndd -set /dev/ip ip_respond_to_echo_broadcast 0 # window sizes # o DEFAULT(2.6:udp_xmit_hiwat) = 8192 # o DEFAULT(2.6:udp_recv_hiwat) = 8192 # o DEFAULT(2.6:tcp_xmit_hiwat) = 8192 # o DEFAULT(2.6:tcp_recv_hiwat) = 8192 echo " tuning windows, buffer sizes and watermarks" ndd -set /dev/udp udp_xmit_hiwat 16384 # max. UDP PDU size for sending ndd -set /dev/udp udp_recv_hiwat 49152 # queue for UDP PDUs (3 * ICP) ndd -set /dev/tcp tcp_xmit_hiwat 32768 # Cockroft's recommendations ndd -set /dev/tcp tcp_recv_hiwat 32768 # Cockroft's recommendations echo "done." ---------------------- Don't know, if there are some dangerous things. Georg. -- | Georg Hessmann | SPIEGEL ONLINE, a+i Webmaster | | [EMAIL PROTECTED] | Brandstwiete 19, 20457 Hamburg | | Nick: Gucky | Phone: +49 (40) 30108-414 Fax: -393 | # include <stddiscl.h> /* Das hier ist alles immer IMHO! */
