Solved

netstat TIME_WAIT

Posted on 1998-01-29
4
12,386 Views
Last Modified: 2013-12-23
hi...

Sparc-10, Sol 2.4, 192Mb, running SQL Server.

Here is list of connections to a database listening on port 4100. I don't have a problem with the "ESTABLISHED" connections. But what about the "TIME_WAIT" ones? Whats happening here? and why does output of....
#netstat -n | grep 194.70.47.151.4100 | wc -l
vary constantly from 70 to 110. Users log in once, then log out at the end of the day (12 at the moment).

# netstat -n
TCP
   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q  State
-------------------- -------------------- ----- ------ ----- ------ -------

194.70.47.151.4100   194.70.47.151.52448   8192      0  8192      0 ESTABLISHED
194.70.47.151.54716  194.70.47.151.4100    8192      0  8192      0 ESTABLISHED
194.70.47.151.4100   194.70.47.151.54716   8192      0  8192      0 ESTABLISHED
194.70.47.151.2001   194.70.47.1.2049     17520      0  8760      0 ESTABLISHED
194.70.47.151.54939  194.70.47.151.4100    8192      0  8192      0 ESTABLISHED
194.70.47.151.4100   194.70.47.151.54939   8192      0  8192      0 ESTABLISHED
194.70.47.151.55231  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55233  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55235  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55237  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55239  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55241  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55243  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55245  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55247  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55249  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55251  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55253  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55255  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55257  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT
194.70.47.151.55259  194.70.47.151.4100    8192      0  8192      0 TIME_WAIT


regards
0
Comment
Question by:rickyr
  • 2
4 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1583100
does man netstat not give the answer?
0
 
LVL 3

Author Comment

by:rickyr
ID: 1583101
Sort of!!!!

TIME_WAIT - Wait after close for remote shutdown retransmission.

It doesn't make much sense to me, There are no remote shutdowns.
Anyway what is a remote shutdown retransmission when it's at home. I really need a detailed explanation of whats going on here. The network connections vary wildly but the users on the system are constant
0
 
LVL 1

Accepted Solution

by:
rjhoward earned 30 total points
ID: 1583102
Found this article in our Knowledge Base.  Hope it helps.

Question:
     Sun Solaris: Why do ports get stuck in the TIME_WAIT state?

     Configuration Data:


     Answer:
     This is due to the 2MSL timeout value, which is a part of the TCP specification. After a connection has been closed by
     both the client and the server, the port becomes unavailable for a certain amount of time, so that a new program does not
     inadvertently get packets that were intended for the old program. On Solaris machines, the 2MSL value may be modified
     by adjusting the /dev/tcp tcp_close_wait_interval ndd variable. (ndd -set /dev/tcp tcp_close_wait_interval value.)

     Q: Why do I get "address already in use" when I try and reuse a port which a previous program had used.

     A1: It could be that the port is still in the TIME_WAIT state (see above). You may confirm this by running netstat, and
     examining the port in question. If this is the case, you must simply wait the couple of minutes it will take for the port to get
     out of the TIME_WAIT state.

     A2: It could be that the program you are using does not correctly list the port as one that may be reused. You should
     verify that your program is setting the SO_REUSEADDR socket option.

     References to Procedures:


     Additional Information/Comments:
     For additional information on how to use ndd to change TCP parameters, do man ndd. Under Solaris 2.5 or higher, you
     will need to be root to display network configuration values using ndd.The above information is from Sun Technical
     support. SO#: 3165922 - TCP Questions
     Product Support Document (PSD) for Sockets Programming Including Sockets Programming
     Revision 1.3
     Date: April 9, 1996
0
 
LVL 3

Author Comment

by:rickyr
ID: 1583103
Hello rj....
Thanks for that detailed answer. It makes alot of sense to me
as The users that log in do not send/receive anything for long periods of time while they are doing other tasks, this could explain the time-outs you talk about, along with the rest of the info you supplied, This is a good starting point for more investigation.

Thanks again

ricky
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setting up a VPN 60 143
DNS and NSLOOKUP 21 75
Sonicwall blocks a site 49 78
Is it possible to host a website on a windows vps 4 60
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question