Aix

Docboyeee · April 22, 2003, 10:41am

We have an RS6000 server running AIX. We currently have approximatly 80 workstations connected via TCP/IP and approximately 40 printers connected via TCP/IP. For some reason, on occasion, all the users are dropped out of the O/S, the connection is closed and when they try to log back on, it gives an error saying that the connection is refused. Is there a TCP/IP setting that needs to be changed to alleviate this problem?

Perderabo · April 22, 2003, 11:53am

We didn't really have much luck the last time you posed this question. We may not have an AIX TCP/IP expert. We need to at least include a link to the other thread.

I hope that someone can help you. But our experts seem to focus on linux, sunos, and hp-ux mostly.

If no one else has an idea, here is a real longshot...

Another box on the network with the same ip-addess might cause this. To prove it, you would need to let the condition happen and then quickly yank the network cable from the aix box. The aix box cannot refuse a connection if it is detached from the network. If you get a connection refused while the aix is detached, you have a clear ip address conflict.

Optimus_P · April 22, 2003, 4:50pm

how many user licenses do you have the machine set for.

since aix 4.3 IBM stoped doing paid licencing but the OS still has a restriction.

you have to change it in the following places.

/etc/security/login.cfg
* maxlogins     The maximum number of simultaneous logins allowed on the system
maxlogins = 100

THEN as root

#/usr/bin/chlicense -u 100

I believe this calls for a reboot also. give that a shot and see if that helps. its not really a tcp/ip problem its just hitting the user limit that is specified. If i am way off base then disreguard this post. heh

hugo_perez · May 9, 2003, 11:00am

To look if the problem is related to the number of users,
you can put in the crontab a script to log the number of users
every 5 minutes. An example will look like:

-------------------------------------------------------------------
Host=`uname -n`
wdate=`date +"%Y%m%d"`
outfile=/var/"$wdate"_users.txt

if [ ! -f /var/"$wdate"_users.txt ]
then
echo " " >> $outfile
echo " " >> $outfile
echo " " >> $outfile
echo "Server: $Host DATE: `date +"%d/%m/%Y"` " >> $outfile
echo " " >> $outfile
echo " Report of users logged in " >> $outfile
echo " " >> $outfile
echo " " >> $outfile
fi

w -u|awk '{print $1 " " $6}' >> $outfile
-------------------------------------------------------------------

If the number of users is near to your limit change the value with chlicense.

Also, the maximum processes that an user can have could be
a problem. Please paste the output of:

lsattr -E -l sys0

if maxuproc is less than 500 change the value.

smitty chgsystem (I don't sure with this fast path).

********************************************************************
But if not a user number limit see:

The chapter five of:

http://www.redbooks.ibm.com/pubs/pdfs/redbooks/sg246184.pdf

To change the network values you must use the no command
see: http://publib.boulder.ibm.com/doc\_link/en\_US/a\_doc_lib/cmds/aixcmds4/no.htm\#A229X9bb6

If you want to do modifications add the lines in the /etc/rc.net

For example:

/usr/sbin/no -o ipqmaxlen=512
/usr/sbin/no -o tcp_sendspace=16384
/usr/sbin/no -o udp_recvspace=16384

see: tcp_recvspace, udpsendspace

see the flag -m of netstat to look if is a mbuff problem, an example
script that work in Solaris to log mbuff values is:

#!/bin/ksh
dia=`date +"%Y%m%d"`
hora=`date +"%H:%M"`
dia2=`date +"%d/%m/%Y"`
LOG=/var/reports/$dia/"$dia"_MonNetBuff.txt
fh=$dia2" "$hora

if [ ! -d /var/reports ]
then
mkdir /var/reports
fi

if [ ! -d /var/reports/$dia ]
then
mkdir /var/reports/$dia
echo "Date Failures Parameter Current Maximum Percentage"|awk '{printf("%16s, %9s, %10s, %7s, %7s, %10s \n",$1,$2,$3,$4,$5,$6)}' > $LOG
fi

touch $LOG

netstat -m |/usr/xpg4/bin/awk -v wdate="$fh" '{if(NR>3 && NR<12){printf("%16s, %9d, %10s, %7d, %7d, %10.2d \n", wdate, $5, $1,$2,$3,($2*100/$3)) }}' >> $LOG

exit 0

use "netstat -na" to look if you have a lot of connections in wait status; when you have the problem. If yes, see also the commands related to close the connections in less time for example:
tcp_timewait, tcp_ttl, tcp_keepintvl, maxttl

For other network commands see:
http://publib.boulder.ibm.com/doc\_link/en\_US/a\_doc\_lib/aixbman/commadmn/tcp_ref.htm\#Q9G2380kevi

Good luck. Hugo.

TioTony · May 10, 2003, 12:42am

Are there any clues in the error log. Type errpt to see a list of the errors if any. errpt -a will show you the detail of the errors.