Hello,
[LEFT]My config:
SLES 10 sp1
Apache / drupal / mysql [/LEFT]
[LEFT]I have a saturation of TCP ports on this hosts. Hosting about 60 websites. The event tonight was ~200 hits minutes.
With "netstat-n" I see ~5500 connections. Including approximately 3800 in FIN_WAIT1.
As a first step I would like to know how I could close the ports. With cron every min for example even if it is not very recommendable. Then what caused this escalation.[/LEFT]
Thanks for your help
This generally is an application issue (look at SO_LINGER for example). The client is not receiving the CLOSE_WAIT confirmation from the server and thus leaving the socket open or visa versa. May also (rarely) be caused by settings in network routers and switches which limit packet size. Do a Web search - lots of information on this issue out there on the Internet.
You should be able to use sysctl to manage this issue until you figure out which application is causing the problem.
Very nice for your answers fpmurphy.
Thanks for sysctl.
I spend all my day on this. Finally you are right.
The problem came from a couple of firewall. A switch occurs the night before between them. And they are different in their config. The admin say it's impossible. But in fact it is.
Sorry for my poor english
Best regards
Since you are running Apache, it is better to adjust your TCP parameters in your apache.conf files. You don't need to adjust your kernal TCP parameters using sysctl() when your application is Apache.