[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

TCP time_wait and port exhaustion for servers

Subject: TCP time_wait and port exhaustion for servers
From: jako.andras at eik.bme.hu (JÁKÓ András)
Date: Wed, 5 Dec 2012 17:56:06 +0100 (CET)
In-reply-to: <CALFTrnNj2e9HUjukAUi-jtTsuGTugxe2-iEpm8v+wk8JKnuBQA@mail.gmail.com>
References: <CALFTrnNj2e9HUjukAUi-jtTsuGTugxe2-iEpm8v+wk8JKnuBQA@mail.gmail.com>

 Ray,

> With a 60 second timeout on TIME_WAIT, local port identifiers are tied
> up from being used for new outgoing connections (in this case a proxy
> server).  The default local port range on Linux can easily be
> adjusted; but even when bumped up to a range of 32K ports, the 60
> second timeout means you can only sustain about 500 new connections
> per second before you run out of ports.

Is that 500 new connections per second per {protocol, remote address, 
remote port} tuple, that's too few for your proxy? (OK, this tuple is more 
or less equivalent with only {remote address} if we talk about a web 
proxy.) Just curious.

Regards,
Andr?s

Follow-Ups:
- TCP time_wait and port exhaustion for servers
  - From: rps at maine.edu (Ray Soucy)

References:
- TCP time_wait and port exhaustion for servers
  - From: rps at maine.edu (Ray Soucy)

Prev by Date: William was raided for running a Tor exit node. Please help if
Next by Date: TCP time_wait and port exhaustion for servers
Previous by thread: TCP time_wait and port exhaustion for servers
Next by thread: TCP time_wait and port exhaustion for servers
Index(es):
- Date
- Thread