[Gross] grossd - blocker TIME_WAIT connections
jesse.thompson at doit.wisc.edu
Wed Sep 5 14:52:38 EEST 2007
Eino Tuominen wrote:
> Jesse Thompson wrote:
>> version 0.8.2
>> I've been trying to figure out why I'm been having trouble scping and
>> sshing from my gross servers. One thing we noticed was a large number
>> of connections to the Sophos blocker in TIME_WAIT state.
>> netstat -n | grep TIME_WAIT | grep -c 4466
> I think it is. It means that you are making some 100 blocker queries per
> second. The problem with the current blocker check implementation is
> that the connections are not reused. So grossd opens a new TCP
> connection for each blocker query.
Ah. ok. The ssh issue isn't a big enough problem to warrant major code
changes in grossd. We've got the TIME_WAIT cleanup set to 60 seconds,
so we may try turning it down to 30 or 45 to see if it helps.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3340 bytes
Desc: S/MIME Cryptographic Signature
More information about the Gross