TCP Socket problem

Dear all,

When I type 'netstat -a | more', there are a lot of  FIN_WAIT_2 state in HP-UX.

Can anyonre tell me how to remove all the FIN_WAIT_2 connetion?


Thanks

Benson

benson031397Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

elfieCommented:

check the document, and search here for FIN_WAIT. A full explanation is given.


 http://www.openview.hp.com/pdfs/176.pdf
0
benson031397Author Commented:
Any other suggestion?  It seems that the above answer cannot solve the problem.

Becasue I cannot connect the site to get the script which the document mentioned.
0
BeatachonCommented:
you can't remove a FIN_WAIT2'ing
socket.. you just have to let it time out. The length of that timeout
is tunable in the kernel, but I believe the default timeoutis 4 minutes.

0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

benson031397Author Commented:
After several days,  The FIN_WAIT_2 is still there.
0
bcwhiteCommented:
What OS are you using?

The FIN_WAIT_2 state is exited upon receipt of a FIN message from the remote side.  It should, however, timeout after a certain amount of time and advance to the TIME_WAIT state (which will also eventually timeout and advance to the CLOSED state).

So, it would appear that you locally closed a TCP connection and thus sent a FIN packet to the remote side.  The remote side ACK'd this FIN but never sent one of it's own (or it got lost).

It sounds to me like a bug in the OS, but I can't say for sure.

-- Brian
0
benson031397Author Commented:
The OS¡@is HP-UX
0
elfieCommented:
I just checked my link again .. For me it works, but you need acrobat reader before accessing it (pdf --> acrobat).


Other way to find 'the' document.
 - goto hp.com.com
  - hit the 'search' link
  - fill in FIN_WAIT_2
  - .. hit the result links ..

0
edolceCommented:
There is no way to remove the socket in the FIN_WAIT_2 status.
The only way is to stop the process that generated them.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
elfieCommented:
If you can't access the document
http://www.openview.hp.com/pdfs/176.pdf
i post a copy of the interesting pages
 if you want.
0
Anju111599Commented:
Here is the relevant text from the document you need:

C.6.0 Connections stay in state FIN_WAIT_2

Over time netstat might report TCP connections left in state FIN_WAIT_2.
These are never closed and fill up the system. This is a known DCE problem
described in SR # 1653144972:

*** PROBLEM TEXT ***
There are cases where we can get FIN_WAIT_2 connections that never go away.  We need a timer that customers can set to remove these connections.

*** FIX TEXT ***
Functionality has been added to the transport to allow customers to turn
FIN_WAIT_2 timer on. The default is OFF. Customers need a new script that
turns this timer ON and sets it to customer defined time. This functionality will be in every release or patch dated after 12/01/95.

*** ADDITIONAL INFO ***
This timer is "tcp_fin_wait_timer" and was introduced in patch PHNE_6586
(800 9.04). You also need the "unsupported" script, which is called "set_fin_time" to actually set the timer to something other than the default (no
timeout).

Using the script will not clear any sockets already "stuck", only sockets created after the timer has been set.
To get the script to set the timer, contact the HP Response Center to get it from:
http://ovweb.bbn.hp.com/suc/hp/htdocs/ito/database/networking/set_fin_time

This script has to be called after every reboot before the ITO server processes are started. A call like:
# set_fin_time -t 1200
will cause all TCP connections in FIN_WAIT_2 state to be closed after 10
minutes.

Note: The timer removing connections which are hanging in FIN_WAIT_2, breaks
RFC793. This is the reason why the timer will NOT be supported.
0
MoondancerCommented:
This question was awarded, but never cleared due to the JSP-500 errors of that time.  It was "stuck" against userID -1 versus the intended expert whom you awarded.  This corrects the problem and the expert will now receive these points; points verified.

Please click on your Member Profile and select "View Question History" to navigate through any open or locked questions you may have to update and finalize them.  Or if you are an EE Pro user, click the link below to select open items for your Member ID using Power Search:
http://www.experts-exchange.com/jsp/qPowerSearch.jsp.

This is the Community Support link, if help is needed, along with the link to All Topics which reflects many TAs recently added.

http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
http://www.experts-exchange.com/jsp/zonesAll.jsp
 
Thank you,
Moondancer
Moderator @ Experts Exchange
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
System Programming

From novice to tech pro — start learning today.