TCP: time wait bucket table overflow
2015-09-04 20:37
806 查看
系统在/var/log/messages中发现大量错误,内容如下:root@real2 ~]# tail -f /var/log/messages
Oct 27 22:45:55 real2 kernel: printk: 1438 messages suppressed.
Oct 27 22:45:55 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:00 real2 kernel: printk: 1682 messages suppressed.
Oct 27 22:46:00 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:05 real2 kernel: printk: 1752 messages suppressed.
Oct 27 22:46:05 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:10 real2 kernel: printk: 1681 messages suppressed.
Oct 27 22:46:10 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:15 real2 kernel: printk: 1660 messages suppressed.
Oct 27 22:46:15 real2 kernel: TCP: time wait bucket table overflow
root@real2 ~]# tail -f /var/log/messagesOct 27 22:45:55 real2 kernel: printk: 1438 messages suppressed.Oct 27 22:45:55 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:00 real2 kernel: printk: 1682 messages suppressed.Oct 27 22:46:00 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:05 real2 kernel: printk: 1752 messages suppressed.Oct 27 22:46:05 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:10 real2 kernel: printk: 1681 messages suppressed.Oct 27 22:46:10 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:15 real2 kernel: printk: 1660 messages suppressed.Oct 27 22:46:15 real2 kernel: TCP: time wait bucket table overflow 原因:/proc/sys/net/ipv4/tcp_max_tw_buckets的值太小,才2000解决方法:增大 tcp_max_tw_buckets的值,并不是这个值越小越好,我看了我系统中TIME_WAIT 大部是由php-fpm产生的,是属于正常的现象修改 /etc/sysctl.confnet.ipv4.tcp_max_tw_buckets = 20000 sysctl -p 让其生效 附TIME_WAIT [root@real2 ~]#[root@real2 ~]# netstat -an | grep 80 | awk ‘{print $6}’ | sort | uniq -c | sort -rn5395 ESTABLISHED2671 TIME_WAIT978 FIN_WAIT2501 FIN_WAIT1165 SYN_RECV71 LAST_ACK2 CLOSING1 LISTEN[root@real2 ~]# netstat -an | grep 9000 | awk ‘{print $6}’ | sort | uniq -c | sort -rn8550 TIME_WAIT1 LISTEN1 FIN_WAIT11 ESTABLISHED tcp_max_tw_buckets 参数类型:整型
系统在同时所处理的最大timewait sockets 数目。如果超过此数的话﹐time-wait socket 会被立即砍除并且显示警告信息。之所以要设定这个限制﹐纯粹为了抵御那些简单的 DoS ***﹐千万不要人为的降低这个限制﹐不过﹐如果网络条件需要比默认值更多﹐则可以提高它(或许还要增加内存)。
Oct 27 22:45:55 real2 kernel: printk: 1438 messages suppressed.
Oct 27 22:45:55 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:00 real2 kernel: printk: 1682 messages suppressed.
Oct 27 22:46:00 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:05 real2 kernel: printk: 1752 messages suppressed.
Oct 27 22:46:05 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:10 real2 kernel: printk: 1681 messages suppressed.
Oct 27 22:46:10 real2 kernel: TCP: time wait bucket table overflow
Oct 27 22:46:15 real2 kernel: printk: 1660 messages suppressed.
Oct 27 22:46:15 real2 kernel: TCP: time wait bucket table overflow
root@real2 ~]# tail -f /var/log/messagesOct 27 22:45:55 real2 kernel: printk: 1438 messages suppressed.Oct 27 22:45:55 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:00 real2 kernel: printk: 1682 messages suppressed.Oct 27 22:46:00 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:05 real2 kernel: printk: 1752 messages suppressed.Oct 27 22:46:05 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:10 real2 kernel: printk: 1681 messages suppressed.Oct 27 22:46:10 real2 kernel: TCP: time wait bucket table overflowOct 27 22:46:15 real2 kernel: printk: 1660 messages suppressed.Oct 27 22:46:15 real2 kernel: TCP: time wait bucket table overflow 原因:/proc/sys/net/ipv4/tcp_max_tw_buckets的值太小,才2000解决方法:增大 tcp_max_tw_buckets的值,并不是这个值越小越好,我看了我系统中TIME_WAIT 大部是由php-fpm产生的,是属于正常的现象修改 /etc/sysctl.confnet.ipv4.tcp_max_tw_buckets = 20000 sysctl -p 让其生效 附TIME_WAIT [root@real2 ~]#[root@real2 ~]# netstat -an | grep 80 | awk ‘{print $6}’ | sort | uniq -c | sort -rn5395 ESTABLISHED2671 TIME_WAIT978 FIN_WAIT2501 FIN_WAIT1165 SYN_RECV71 LAST_ACK2 CLOSING1 LISTEN[root@real2 ~]# netstat -an | grep 9000 | awk ‘{print $6}’ | sort | uniq -c | sort -rn8550 TIME_WAIT1 LISTEN1 FIN_WAIT11 ESTABLISHED tcp_max_tw_buckets 参数类型:整型
系统在同时所处理的最大timewait sockets 数目。如果超过此数的话﹐time-wait socket 会被立即砍除并且显示警告信息。之所以要设定这个限制﹐纯粹为了抵御那些简单的 DoS ***﹐千万不要人为的降低这个限制﹐不过﹐如果网络条件需要比默认值更多﹐则可以提高它(或许还要增加内存)。
相关文章推荐
- Linux socket 初步
- 10 篇对初学者和专家都有用的 Linux 命令教程
- Linux 与 Windows 对UNICODE 的处理方式
- Ubuntu12.04下QQ完美走起啊!走起啊!有木有啊!
- 解決Linux下Android开发真机调试设备不被识别问题
- 运维入门
- 运维提升
- Linux 自检和 SystemTap
- Ubuntu Linux使用体验
- c语言实现hashmap(转载)
- Linux 信号signal处理机制
- linux下mysql添加用户
- Scientific Linux 5.5 图形安装教程
- 基于 Linux 集群环境上 GPFS 的问题诊断
- 谁是桌面王者?Win PK Linux三大镇山之宝
- vivi下重新调整分区
- Linux VS Unix:Linux欲一统天下 Unix不死
- linux下设定环境变量
- Linux下修改MySQL编码的方法