How many TCP/IP socket connections can a system (computer) handle?

I have been working on a project regarding TCP/IP socket connection and message transferring through these sockets. I am connecting to a UNIX server with a specific IP address and establishing socket connections. So far I could manage roughly 16000 connections from 1 host (in this case this is my own PC). And when I try establishing other connections from other hosts (whether a Mac OS X or a Windows PC), I reach the same maximum connection number, 16000.
I can have 65536 connections on server side and I literally maintained that. But only when it is 16000 connections in each of 4 different computers. I wonder why I have this and how I can establish more than 16000 connections from only 1 host.

On Windows systems the TCP stack is subject to several registry parameters. They're arcane and poorly documented, and have changed with newer (Vista, Win7, Win8) releases; they also vary between desktop OS and server OS flavors.
Some KBs and MSDN articles cover the subject:
Tuning TCP/IP for Performance (a tad dated).
TCP/IP and NBT configuration parameters
TCP/IP Configuration Parameters
But this article is more to the point for your problem: Avoiding TCP/IP Port Exhaustion. Although it is BizTalk related, the topic and solution are generic: increase MaxUserPort and decrease TcpTimedWaitDelay (careful with the latter one though). The specifics your system ends up supporting vary, so you have to play with the settings. Make sure your test machines have a 64-bit processor and a 64-bit OS, and have enough RAM (>4Gb).
For OS X I hope somebody else will provide the details.

Related

Developer exception starting a client-server model on Eiffel net

I'm trying to establish a connection using sockets between 2 PCs on the same LAN using the Eiffel Programming Language. I'm trying to run the examples that are by default in the installation directory of Eiffel Studio. However, right now I'm trying to make it work on the same machine by addressing localhost (127.0.0.1).
It works perfectly on Linux (Ubuntu 15.10) but on Windows 7 I'm getting an exception when I try to run the client program. The code of the exception is 24 Unable to establish connection. The server program runs just fine and I already got a connection between a client on Linux and a server on Windows. I didn't find a solution to this exception in the documentation nor on other sites. Here is a screencap:
Screencap of the debugger
Here is a link to the doc:
https://www.eiffel.org/doc/solutions/Two%20Machines
Thank you in advance.
The issue might be caused by the fact that some ports are used and others are reserved by the system. In particular the port range 0-1023 is designated for use by common system and network services. Ports beyond this range can also be registered (e.g., Service Name and Transport Protocol Port Number Registry or List of TCP and UDP port numbers). System security settings could also prevent applications from using specific port numbers.
The solution is to look for and to use port numbers that are available for user applications. Ports currently used on Windows can be found with netstat -an; what can be used is related to TCP/IP and firewall settings. The simplest approach is to try using some other port numbers, e.g. in the range 1024-49151.

Is AF_INET slower than AF_UNIX due to three way hand-shake involved in AF_INET?

I have a requirement in which a server needs to interact with 2 clients, one residing on the local machine and one on a remote machine.
So, initially I was thinking of creating a socket using AF_UNIX for communication with the local client (since it's faster than AF_INET), and AF_INET in case of communication with the remote one, and polling between them.
But in the case of the local client, the channel will only be created in the beginning and will exist permanently as long as the server is running, i.e. a single accept, followed by multiple reads/writes.
So, can I replace this AF_UNIX with AF_INET, since the connection establishment will be done only once?
Where does the performance hit occur in the case of AF_INET? Is it in the three-way handshake or somewhere else as well?
Quote from Performance: TCP loopback connection vs Unix Domain Socket:
When the server and client benchmark programs run on the same box, both the TCP/IP loopback and unix domain sockets can be used. Depending on the platform, unix domain sockets can achieve around 50% more throughput than the TCP/IP loopback (on Linux for instance). The default behavior of redis-benchmark is to use the TCP/IP loopback.
However, make sure that the performance gain is worth the tradeoff of complicating the network stack of your application (by using various types of sockets depending on client location).

Resource exhaustion on web server - socket basic explanation

I connect to a web server supported by an embedded system with Internet Explorer 9. Windows 7 is on the client side.
The web page has many tabs and I browse across them until the problem occurs. It takes about one minute to happen.
The embedded system freezes so it is not possible to browse and it does not respond to ping. After a moment the embedded system will recover because it is designed to reboot. I attached a Wireshark trace in which you can see 92 connections (use the filter "tcp.stream eq 0" with values [0,91]) and you will see. I have the source code so I know that the embedded system does not support more than 37 simultaneous connections. Is the cause an exhaustion of the resources?
But I have a more basic question and I would really appreciate an answer to it. The web server is at 172.21.1.12 port 80 and the client is at 172.21.9.70 and variable port numbers (see the trace). Because the IP and port on the server side do not change, how many sockets are in use on the server side? The question is important because the more sockets are opened, the more likely there is an exhaustion of the resources.
If the answer is only 1 socket then I must conclude there is no lack of resources because it can support 37.
I also suggest you use the filter ip.addr == 172.21.1.12 in Wireshark.
I thought I could upload the Wireshark file. I don't know how to share it with you. Help please?
Dropbox?
Under the caveat that you haven't specified your embedded system, most TCP stacks will create a new socket for each new connection, and the mapping from socket to connection is 1-1.
When a packet arrives to the network stack, it has to associate that packet to the right socket. Usually, this is accomplished by employing a map from the TCP 4-tuple to the socket, where the 4-tuple consists of [local-ip, local-port, remote-ip, remote-port].
A server makes its service available by listening on a fixed local port that is known to clients wanting to use the service. As you understand, this is usually port 80 for a web server, and the software interface for most TCP implementations dedicates a socket for the purpose of allowing the API to perform operations on the network parameters for this service. However, the socket is not fully connected (the last two parts of the 4-tuple are set to a special "not specified" value, usually all bits 0). When a new connection is accepted, a new socket is created where the 4-tuple consists of the local information of the listening socket and the remote information taken from the source address and port of the SYN packet that initiated the TCP connection.
The limit on the number of connections a server can support is based on how the operating system is configured (you say yours limits it to 37). Using the 4-tuple, a single service (that is a fixed local-ip and local-port) will have an absolute limit of (2^ADDR_BITS - RESERVED_ADDRS) × (2^16 - RESERVED_PORTS). For IPv4, the number of bits is 32, while for IPv6, the number of bits is 128.
When creating a connection, the client will specify the destination address and port (which fills out the remote information for the 4-tuple), but usually leave the source information unspecified. The TCP stack will choose an appropriate source address based on routing, and select an available source port (which will become the local information to complete the 4-tuple). In theory, any source port that is not being used by the selected local interface to communicate to the same remote service can be used as the local port. Most stacks will dedicate a set of the higher numbered ports for this purpose (referred to as the ephemeral port range).
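The one-socket-per-connection behaviour described in this answer can be observed on loopback. The following is an added example, not code from the original thread: it opens 92 connections to a single listening port and caps the server at 37 sockets by closing the excess. The numbers 92 and 37 come from the question; the cap-and-close policy is an assumption for illustration, not the embedded system's actual behaviour.

```python
import socket

MAX_CONNS = 37   # simultaneous-connection limit quoted in the question
N_CLIENTS = 92   # connections counted in the question's Wireshark trace

def run_demo(n_clients=N_CLIENTS, max_conns=MAX_CONNS):
    """Open n_clients connections to one listening port on loopback and
    report how many sockets the server side ends up holding."""
    listener = socket.create_server(("127.0.0.1", 0))  # port 0: OS picks a free port
    server_addr = listener.getsockname()
    clients, kept, refused = [], {}, 0
    try:
        for _ in range(n_clients):
            clients.append(socket.create_connection(server_addr))
            conn, peer = listener.accept()       # a NEW socket for every connection
            # (local-ip, local-port, remote-ip, remote-port)
            four_tuple = conn.getsockname() + peer
            if len(kept) >= max_conns:           # at the cap: shed the connection
                conn.close()                     # instead of exhausting the stack
                refused += 1
            else:
                kept[four_tuple] = conn
        return {
            "connected_sockets": len(kept),
            "server_sockets_total": len(kept) + 1,           # plus the listener
            "local_endpoints": len({t[:2] for t in kept}),   # shared by all of them
            "remote_ports": len({t[3] for t in kept}),       # one per connection
            "refused": refused,
        }
    finally:
        for s in [listener, *clients, *kept.values()]:
            s.close()

if __name__ == "__main__":
    print(run_demo())
```

Every accepted socket shares the same local address and port; only the remote port differs, which is what makes each 4-tuple unique.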

Number of network connections possible

Since port numbers are limited to 65536, is there a limit for the connection num?
How does each connection differ from each other?
If it's by port, then there can never be more than 65536 connections at the same time?
There are many different pieces in play. Since a connection is defined by (Src IP, Src Port, Dest IP, Dest Port) tuples, you're allowed 65536 ^ 2 connections between two given peers at any given time: from 1 to 1, from 1 to 2, .. from 1 to 65535, etc. And that's just between two peers -- you can of course have many connections open to many peers simultaneously.
BUT, most operating systems limit the number of open file descriptors / handles per process. This limit was historically low (20), but is now often higher (1024 on my system, ulimit -a will show per-process limits in bash(1)).
In addition to the setrlimit(3) limits on Unix systems, there are also system-wide limits; /proc/sys/fs/file-max on a Linux system will report the maximum number of open files allowed on the entire system. (This is 596118 on my system.) Other systems will have different limits.
And, there may be a limit to the number of open connections enforced by a stateful firewall in the middle. Since each state requires memory in the firewall tables, any will probably enforce some arbitrary limit to avoid running short on memory.
A TCP connection is actually identified by peer IP address + peer port + local IP address + local port, so you could actually have way more than 64k, but I don't know if OSs do the work to allow more than 64k per local IP address. Windows doesn't.
One thing of interest is that ports can remain reserved for a short while after they are closed. (This is done to avoid accidental or intentional crosstalk between old and new connections.) By simply creating and closing a connection in a tight loop, you can actually make your machine run out of ports. See http://www.perlmonks.org/?node_id=897591 for Perl code that will hang socket connection calls (on some machines) by using up all the sockets.
UDP also has ports, but UDP doesn't have connections. The socket is therefore identified only by its local IP address + local port, so one can have a maximum of 64k UDP ports on the go per local IP address.
Update: Added paragraph on UDP.
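The limits named in these answers (per-process descriptors, the system-wide file-max, source ports held after close) and the port-exhaustion advice in the first answer on this page can be combined into one capacity check. This is an added example, not code from any of the posts: `local_limits` and `outbound_ceiling` are hypothetical helper names, the /proc paths are Linux-specific, and the 60-second hold time is an assumed value.

```python
import resource
from pathlib import Path

def read_ints(path):
    """Integers from a /proc file, or None when the file is absent (non-Linux)."""
    try:
        return [int(x) for x in Path(path).read_text().split()]
    except (OSError, ValueError):
        return None

def local_limits():
    """Read, from the running Unix system, the limits the answers above name."""
    soft, _hard = resource.getrlimit(resource.RLIMIT_NOFILE)
    file_max = read_ints("/proc/sys/fs/file-max")
    ports = read_ints("/proc/sys/net/ipv4/ip_local_port_range")
    return {
        "fd_soft": None if soft == resource.RLIM_INFINITY else soft,
        "file_max": file_max[0] if file_max else None,
        "port_range": tuple(ports[:2]) if ports else None,
    }

def outbound_ceiling(fd_soft, file_max, port_range, time_wait_s):
    """Ceilings for one client IP connecting to ONE (server IP, server port).

    concurrent: each connection needs its own source port and descriptor,
                so the smallest known limit binds (fd_soft is per process).
    per_second: a port closed by the client stays reserved for time_wait_s,
                which bounds a tight connect/close loop.
    """
    lo, hi = port_range
    ports = hi - lo + 1
    limits = {"ephemeral_ports": ports, "fd_soft": fd_soft, "file_max": file_max}
    known = {name: v for name, v in limits.items() if v is not None}
    bound_by = min(known, key=known.get)
    return {"concurrent": known[bound_by], "bound_by": bound_by,
            "per_second": ports / time_wait_s}

if __name__ == "__main__":
    here = local_limits()
    print(here)
    if here["port_range"]:
        # 60 s is an assumed hold time; substitute your platform's value
        print(outbound_ceiling(here["fd_soft"], here["file_max"],
                               here["port_range"], 60))
```

With the 1024 descriptors and 596118 file-max quoted above and a constructed source-port range of 49152-65535 (the IANA dynamic range, 16384 ports), the descriptor limit binds first; raise it and the port range becomes the ceiling.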

Missed connections using select() on many non-blocking connecting TCP sockets on windows XP

I have a small portable tool which connects to around 150 servers at diverse locations to get a quick status check from them. It is important to get the status for all servers back to the user relatively quickly so the tool connects to the servers in parallel using non-blocking connect, and uses select() to determine when each socket is ready. The use of select() is fairly straightforward, and the tool is fairly mature now and works well on Linux. It runs on Windows XP, but connections to the vast majority of the servers out there do not complete. The tool staggers the calls to connect to avoid creating what looks like a SYN flood. It connects to one server about every 100 msecs. I also have a check in place to ensure FD_SETSIZE is not violated. I have anecdotal evidence from someone else that the behaviour is better on later Windows versions, but have not been able to verify.
I have used WinDump to verify that the SYN packets are being sent, and I can see ACK packets coming back, but select() keeps returning zero, and the code simply can't connect to most of the servers that do exist, and I can connect to just fine with the same code on Linux.
Has anyone seen and or solved any similar issues with many non-blocking connects and select on Windows XP?
After another day or so of digging I seem to have found the answer. On Windows XP SP2 there is a limit of 10 concurrent connecting sockets system wide. If 10 or more half open connections exist, a System event is logged noting that the limit has been reached, and new connecting sockets are throttled silently. The System Event number is 4226.
I have fixed my code by adding version checks for Windows XP, and throttled to less than 10 connections on those systems. So far I have no reports of other versions being affected.
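One way to apply the throttle described in this answer, as an added example that is not the poster's code: a status checker that uses non-blocking connect and select() but never keeps more than `max_inflight` sockets in the connecting state. The function name, the default of 8 and the single per-round timeout are assumptions made for illustration.

```python
import errno
import select
import socket

IN_PROGRESS = (0, errno.EINPROGRESS, errno.EWOULDBLOCK)

def check_all(targets, max_inflight=8, timeout=5.0):
    """Non-blocking connect to each (host, port), never holding more than
    max_inflight sockets in the connecting (half-open) state at once.
    Returns ([(target, reachable), ...], peak number of connecting sockets)."""
    pending = list(targets)
    inflight = {}                      # connecting socket -> target
    results, peak = [], 0
    while pending or inflight:
        # Top up to the cap; the rest wait until a slot frees.
        while pending and len(inflight) < max_inflight:
            target = pending.pop()
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.setblocking(False)
            if s.connect_ex(target) in IN_PROGRESS:
                inflight[s] = target
            else:                      # failed immediately
                results.append((target, False))
                s.close()
        if not inflight:
            continue
        peak = max(peak, len(inflight))
        socks = list(inflight)
        # Winsock reports a failed connect in the "exceptional" set, Unix in
        # the writable set, so watch both.
        _, writable, failed = select.select([], socks, socks, timeout)
        done = set(writable) | set(failed)
        timed_out = not done           # nothing finished: give up on this batch
        for s in (socks if timed_out else done):
            target = inflight.pop(s)
            ok = (not timed_out and
                  s.getsockopt(socket.SOL_SOCKET, socket.SO_ERROR) == 0)
            results.append((target, ok))
            s.close()
    return results, peak
```

The returned peak lets a caller confirm the cap held during a run; the timeout applies to each select() round rather than to each connection.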