These connections should persist for a period of time, on the order of
minutes. But no longer than that. If they are around longer than that,
then something is wrong. However, it is very easy to mistake repeating
connections for persistent ones. Try getting netstat output every few
minutes for a half hour or so, and then match up the TIME_WAIT
connections, paying special attention to the local port numbers of the
connections. Since the time these connections stick around is
constant, there may easily be a "steady state" achieved at any moment
where the same number of TIME_WAIT connections to the same hosts are
always observed, but they are in fact different connections.
On 08/11/10 14:15, Aditya Bhargava wrote:
<p>
Hi all,
</p>
<p>
I've been having some trouble recently running OSOL b134 in VirtualBox on a Windows Server 2008 R2 machine. My users have been
complaining of slow SMB access (to the point of being unusable), and I have noticed that after a couple of days I can no longer get
in via SSH (/var/adm/messages gives "Timeout before authentication" and "Monitor not responding". I originally
thought this was a<a href = "http://opensolaris.org/jive/thread.jspa?threadID=132829";>CIFS issue</a>, but
everytime this happens I run netstat and see some "ghost" connections like:
</p>
<p>
192.168.1.60.56082 www02.bcn.fluendo.net.80 5888 0 128872 0
TIME_WAIT
<br />
192.168.1.60.58138 a96-17-8-160.deploy.akamaitechnologies.com.80 6880 0
128872 0 TIME_WAIT
</p>
<p>
Essentially, I would log in every day or so via SSH to check netstat, and saw
nothing but expected SMB connections (though, are they supposed to persist?
Because I seem them even late at night when no one is there to use it). I was
also seeing some connections to dlc.oracle.com until I disabled the package
updater service. I'm not sure what's causing these particular connections, but
I don't expect anything sinister; I opened up FireFox, went to www.google.ca,
and then closed FireFox. Doing netstat again gives, in addition to the above:
</p>
<p>192.168.1.60.60912 gx-in-f136.1e100.net.443 8896 0 129038 0
TIME_WAIT
<br />
192.168.1.60.44167 iw-in-f103.1e100.net.80 6912 0 129038 0
TIME_WAIT
<br />
192.168.1.60.37929 iw-in-f104.1e100.net.80 9408 0 129038 0
TIME_WAIT
<br />
192.168.1.60.61483 iw-in-f104.1e100.net.80 8768 0 129038 0
TIME_WAIT
<br />
192.168.1.60.53973 iw-in-f100.1e100.net.80 6912 0 129038 0
TIME_WAIT
<br />
192.168.1.60.60285 iw-in-f139.1e100.net.80 7168 0 129038 0
TIME_WAIT
<br />
192.168.1.60.53486 74.125.14.84.80 14528 0 128872 0 TIME_WAIT
</p>
<p>
These are all Google. These connections seem to persist indefinitely. Does
anyone know what might be causing this? Remember that this is running in
VirtualBox, which I mention because I've had no such issues on another box I
have that runs OSOL straight on the hardware. The machine that is running the
VM has two NICs, with one being more or less disabled for Windows use and used
by the VM, to get a dedicated NIC.
</p>
<p>
I would appreciate any help! It is becoming rather cumbersome to have to check
the server daily if I can log in, and then restart it if not. Thanks in advance!
</p>
--
blu
It's bad civic hygiene to build technologies that could someday be
used to facilitate a police state. - Bruce Schneier
-----------------------------------------------------------------------|
Brian Utterback - Solaris RPE, Oracle Corporation.
Ph:603-262-3916, Em:brian.utterb...@oracle.com
_______________________________________________
networking-discuss mailing list
networking-discuss@opensolaris.org
