On Wed, Dec 12, 2007 at 10:42:23PM +0100, knitti wrote: > On 12/12/07, Daniel Ouellet <[EMAIL PROTECTED]> wrote: > > net.inet.tcp.keepidle > > net.inet.tcp.keepinittime > > net.inet.tcp.keepintvl > > net.inet.tcp.rstppslimit > > net.inet.tcp.synbucketlimit > > net.inet.tcp.syncachelimit > > nope, shoudn't apply, unless my TCP knowledge is wrong or there > is a bug, which makes it affecting it unintentional > > > > >> My point with PF here was that it would reduce the possible numbers of > > >> close_wait state you could possibly see in the first place, witch is one > > >> of the original goal of the question. > > > > > > Why? > > > > OK, I could be wrong and I am sure someone with a huge stick will hit me > > with it if I say something stupid, and/or there might be something I am > > overlooking or not understanding fully, witch is sure possible as well. (;> > > > > But if httpd received a fake connection that do not do the full > > handshake, isn't it there a socket open and/or use by httpd for that > > fake connection anyway. Meaning it tries to communicate with that fake > > source and can't and eventually will close and (that's where may be I am > > failing here) will end up in close_wait may be? > > no fake connections involved, CLOSE_WAIT is a state _after_ having a > fully established connection > > > Or, are you saying that the ONLY possible way a socket end up in > > close_wait state is ONLY when and ONLY possible if it was fully open > > properly in the first place? If so, then I stand corrected and I was/am > > wrong about that part of my suggestions. So, is it the case then? > > Yes. Random example: > http://www4.informatik.uni-erlangen.de/Projects/JX/Projects/TCP/tcpstate.html >
I did not follow the complete thread, but I like to mention one thing: there might be half open connections involved here. A client might do a half close (i.e. shutdown(SHUT_WR)) after sending a request. This will make the connection a half-duplex one. iirc, after the shutdown, the server moves to CLOSE_WAIT, but will still be able to send data to the client, until it decides that it is done and closes down the connection. -Otto