[Gllug] TCP connections not closing
Nix
nix at esperi.org.uk
Sun Nov 9 23:43:10 UTC 2003
On Sat, 8 Nov 2003, formi at blueyonder.co.uk moaned:
> sysctl -a | grep -i ttl shows:
>
> net.ipv4.inet_peer_maxttl = 600
> net.ipv4.inet_peer_minttl = 120
> net.ipv4.ip_default_ttl = 64
>
> Any ideas why this is happening?
Because these TTLs don't relate to NAT?
The timeouts you want are in the tcp_timeouts[] array in
net/ipv4/netfilter/ip_conntrack_proto_tcp.c; there is no way to adjust
them without hacking the source.
For reference, as of 2.4.22, they are:
static unsigned long tcp_timeouts[]
= { 30 MINS, /* TCP_CONNTRACK_NONE, */
5 DAYS, /* TCP_CONNTRACK_ESTABLISHED, */
2 MINS, /* TCP_CONNTRACK_SYN_SENT, */
60 SECS, /* TCP_CONNTRACK_SYN_RECV, */
2 MINS, /* TCP_CONNTRACK_FIN_WAIT, */
2 MINS, /* TCP_CONNTRACK_TIME_WAIT, */
10 SECS, /* TCP_CONNTRACK_CLOSE, */
60 SECS, /* TCP_CONNTRACK_CLOSE_WAIT, */
30 SECS, /* TCP_CONNTRACK_LAST_ACK, */
2 MINS, /* TCP_CONNTRACK_LISTEN, */
};
> Source Destination Proto State TTL
> 82.35.34.114,58980 81.86.18.XXX,2200 tcp ESTABLISHED 119:59:59
> 127.0.0.1,32772 127.0.0.1,53 udp 0:00:48
> 192.168.1.25,1229 143.127.8.50,80 tcp ESTABLISHED 88:01:18
> 192.168.1.25,1233 143.127.8.50,80 tcp ESTABLISHED 88:04:27
> 192.168.1.25,1236 143.127.8.50,80 tcp ESTABLISHED 88:07:37
> 192.168.1.22,1110 143.127.8.50,80 tcp ESTABLISHED 87:51:01
> 192.168.1.22,1151 143.127.8.50,80 tcp ESTABLISHED 87:57:22
> 192.168.1.22,1112 143.127.8.50,80 tcp ESTABLISHED 87:54:13
You're misreading this display: that 119:59:59 is 119 *hours*, not 119
*minutes*. So I'd expect it to be still alive.
Most of those connections have seen no traffic for a good few days, but
their initial timeout was consistent with that for a connection in
ESTABLISHED state.
--
`Me, I want exploding spaceships and pulverized worlds and clashes of
billion-year-old empires *and* competently written sentences.'
--- Matt Austern
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list