On Tue, Jul 22, 2014 at 2:56 PM, Paul Henry <[email protected]> wrote: > Thanks so much! It turned out to be a separate issue entirely, one that > appears only in Solaris. When you have a high rate of connections, sockets > sit around in the TIME_WAIT state for a default of 60s. Basically, there's > a bug in Solaris that causes a new connection to be routed (based on what > chooses the ephemeral port) to an existing TIME_WAIT connection. When the > new client sends a SYN, the server responds with an ACK that has an > incorrect sequence number (intended for the old client). This causes the > client to retransmit the SYN and then the server responds correctly.
Ah, you were simply running out of IP 4-tuples on the server. This isn't usually a problem in practice because client IPs are usually much more diverse. (IIRC the behavior on Linux and FreeBSD is to send an RST to the client when this happens instead of not responding to the SYN.) --Michael
