Following my summary of "Cannot telnet out of box with thousands of TIME_WAIT
ports", I received many requests for the Solaris TCP stack tuning website I
mentioned in my Summary. The website follows ...
Dave Malhotra <Dave.Malhotra@exodus.net>
09/01/99 01:57 AM GMT
To: John Hilger@Andersen Consulting
Subject: RE: SUMMARY: Cannot telnet out of box with thousands of TIME_WAIT
could you give me the address to the "Solaris TCP stack tuning website?
> -----Original Message-----
> From: firstname.lastname@example.org [SMTP:email@example.com]
> Sent: Monday, August 30, 1999 8:21 PM
> To: firstname.lastname@example.org
> Subject: SUMMARY: Cannot telnet out of box with thousands of
> TIME_WAIT ports
> Thank you to Alan Hill who provided an answer which I believe is the
> answer. I
> have included his response below (which includes my original message as
> I should also mention that I found a "Solaris TCP stack tuning" web site
> mentioned this same recommendation for Web servers. It went on to explain
> by reducing the tcp_close_wait_interval you are effectively reducing the
> of time the TCP stack has to wait for a resource to become available.
> Thanks again Alan,
> John Hilger
> Close wait interval Modification
> > ndd /dev/tcp tcp_close_wait_interval
> > ndd -set /dev/tcp tcp_close_wait_interval 30000
> The first line is to check what the default was set to. The second will
> to a better value.
> This is a problem when you have m$ tcp/ip stacks talking to a real tcp/ip
> I see this problem on HTTP servers and firewalls.
> > -----Original Message-----
> > From: email@example.com [SMTP:firstname.lastname@example.org]
> > Sent: Tuesday, August 17, 1999 8:39 PM
> > To: sunmanagers.ececs.uc.edu
> > Subject: Cannot telnet out of box with thousands of TIME_WAIT ports
> > Sun Managers,
> > I have a strange problem which I have seen twice, yet cannot
> > The
> > only solution I have for the problem is to reboot the system, which
> > the
> > problem, but when this application moves into production this will not
> > an
> > acceptable solution; therefore I must understand. I checked Sunsolve
> > found
> > nothing.
> > I have an Ultra 10 running Solaris 2.6., fully patched. I am able to
> > telnet
> > into the system, but I cannot telnet out. When I attempt to I get an
> > error
> > message "unable to register address". I issued a "kill -1 <inetd PID>",
> > and
> > still I cannot telnet out. When I look at the output of "netstat -a", I
> > see
> > thousands of ports with a status of "TIME_WAIT" ( 38154 to be exact ).
> > Very
> > suspicious !!! I believe I might be running out of ports. I captured
> > output of "netstat -a", "netstat -av", "netstat -i", "netstat -s",
> > "netstat -k",
> > and "sar -A 10 10", hoping that one of these might capture output which
> > would
> > explain it later ( I can send the output to someone if necessary ).
> > Can someone tell me 1) what is the limit on ports (or how can I find
> > out what
> > my limit is if it is a variable), and 2) what might cause the above
> > described
> > error when attempting to telnet out of the box.
> > Thanks,
> > John Hilger
> > email@example.com
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:25 CDT