HPE Community
Operating System - HP-UX
1752794 Members
5748 Online
108789 Solutions
New Discussion

tune for TCP connection

 
piyut_1
Frequent Advisor

‎07-04-2012 03:32 AM

‎07-04-2012 03:32 AM

tune for TCP connection

all,

 

We are facing the problem related to TCP connection. Many of data packets retransmitted based on output from command 'netstat -p tcp' belows:

 

bash-3.00# netstat -p tcp
tcp:
        3788028404 packets sent
                302696547 data packets (1115116863 bytes)
                420945431 data packets (1198141934 bytes) retransmitted
                559702650 ack-only packets (3320483207 delayed)
                0 URG only packets
                117429 window probe packets
                195238 window update packets
                2925806101 control packets
        2993841515 packets received
                2823999885 acks (for 3179040048 bytes)
                1223412233 duplicate acks
                0 acks for unsent data
                4017454305 packets (2266188985 bytes) received in-sequence
                2292 completely duplicate packets (1290250 bytes)
                74446 packets with some dup, data (75486812 bytes duped)
                469417 out of order packets (535498280 bytes)
                772 packets (2737251106 bytes) of data after window
                11180 window probes
                2126345622 window update packets
                1620891 packets received after close
                0 segments discarded for bad checksum
                0 bad TCP segments dropped due to state change
        2789987905 connection requests
        2235916025 connection accepts
        730936634 connections established (including accepts)
        829750618 connections closed (including 106399089 drops)
        100661833 embryonic connections dropped
        1338116067 segments updated rtt (of 1338116067 attempts)
        412613609 retransmit timeouts
                734960 connections dropped by rexmit timeout
        117429 persist timeouts
        1085492861 keepalive timeouts
                1085466328 keepalive probes sent
                5055 connections dropped by keepalive
        103609871 connect requests dropped due to full queue
        100715992 connect requests dropped due to no listener
        0 suspect connect requests dropped due to aging
        0 suspect connect requests dropped due to rate
bash-3.00#

 

and from 'ping' command to  server, there is intermitten connection:

 

Reply from 10.x.x.x: bytes=32 time=721ms TTL=249
Reply from 10.x.x.x: bytes=32 time=730ms TTL=249
Reply from 10.x.x.x: bytes=32 time=733ms TTL=249
Reply from 10.x.x.x: bytes=32 time=719ms TTL=249
Reply from 10.x.x.x: bytes=32 time=717ms TTL=249
Reply from 10.x.x.x: bytes=32 time=717ms TTL=249
Reply from 10.x.x.x: bytes=32 time=726ms TTL=249
Reply from 10.x.x.x: bytes=32 time=721ms TTL=249
Reply from 10.x.x.x: bytes=32 time=721ms TTL=249
Reply from 10.x.x.x: bytes=32 time=726ms TTL=249
Reply from 10.x.x.x: bytes=32 time=697ms TTL=249
Reply from 10.x.x.x: bytes=32 time=718ms TTL=249
Reply from 10.x.x.x: bytes=32 time=717ms TTL=249
Reply from 10.x.x.x: bytes=32 time=720ms TTL=249
Reply from 10.x.x.x: bytes=32 time=721ms TTL=249
Reply from 10.x.x.x: bytes=32 time=150ms TTL=249
Reply from 10.x.x.x: bytes=32 time<1ms TTL=249
Reply from 10.x.x.x: bytes=32 time=1ms TTL=249
Reply from 10.x.x.x: bytes=32 time<1ms TTL=249
Reply from 10.x.x.x: bytes=32 time<1ms TTL=249
Reply from 10.x.x.x: bytes=32 time<1ms TTL=249
Reply from 10.x.x.x: bytes=32 time<1ms TTL=249
Reply from 10.x.x.x: bytes=32 time<1ms TTL=249

 

I have tuned for these TCP parameter:

 

bash-3.00# ndd -get /dev/tcp tcp_ip_abort_interval
600000
bash-3.00# ndd -get /dev/tcp tcp_keepalive_interval
7200000
bash-3.00# ndd -get /dev/tcp tcp_time_wait_interval
60000
bash-3.00# ndd -set /dev/tcp tcp_ip_abort_interval 60000
bash-3.00# ndd -set /dev/tcp tcp_keepalive_interval 900000
bash-3.00# ndd -set /dev/tcp tcp_time_wait_interval 5000

 

doesn't make my system run health. any ideas?

 

 

0 Kudos
Reply
4 REPLIES 4
Bill Hassell
Honored Contributor

‎07-04-2012 01:51 PM

‎07-04-2012 01:51 PM

Re: tune for TCP connection

Look at the health of your network card first:

 

lanadmin -g 0

 

(or change 0 to the lan number of your problem card, -g 2 for example)

 

The second half of the statistics must be zeros (except index). If non-zero, then you have an electrical problem (cabling, connectors, etc) or if the LAN is faster than 10 Mbits and there are FCS errors and collisions, then your LAN port and the switch are mismatched. The 700+ ms ping time is a definite network issue (beyond the LAN card). Setting a bunch of TCP parameters will not fix a bad network path.

 

To test, start with:

 

     ping localhost

 

Then ping your gateway/router, and finally ping an adjacent system on the same subnet. All of these pings should be very small. Once you start fixing the network, be sure to clear the lanadmin stats (lanadmin -c 0 where 0 is the lan card instance number from lanscan).



Bill Hassell, sysadmin
0 Kudos
Reply
piyut_1
Frequent Advisor

‎07-04-2012 09:59 PM

‎07-04-2012 09:59 PM

Re: tune for TCP connection

Thankss for respons,

 

I have tried to ping from my system to gateway and to the other system with have same subnet. Got intermitten connection, time needed more than 700 ms sometimes.

 

I replace to other port catalyst and no intermitten again, till now.

 

bash-3.00# lanadmin -g 2

                      LAN INTERFACE STATUS DISPLAY
                       Thu, Jul 5,2012  11:55:36

PPA Number                      = 2
Description                     = lan2 HP PCI Core I/O 1000Base-T Release B.11.11.21
Type (value)                    = ethernet-csmacd(6)
MTU Size                        = 1500
Speed                           = 1000000000
Station Address                 = 0xf202b6346
Administration Status (value)   = up(1)
Operation Status (value)        = up(1)
Last Change                     = 366403184
Inbound Octets                  = 21011187
Inbound Unicast Packets         = 80174
Inbound Non-Unicast Packets     = 3062
Inbound Discards                = 0
Inbound Errors                  = 0
Inbound Unknown Protocols       = 432
Outbound Octets                 = 11042032
Outbound Unicast Packets        = 84904
Outbound Non-Unicast Packets    = 0
Outbound Discards               = 0
Outbound Errors                 = 0
Outbound Queue Length           = 0
Specific                        = 655367

Ethernet-like Statistics Group

Index                           = 1
Alignment Errors                = 0
FCS Errors                      = 0
Single Collision Frames         = 0
Multiple Collision Frames       = 0
Deferred Transmissions          = 0
Late Collisions                 = 0
Excessive Collisions            = 0
Internal MAC Transmit Errors    = 0
Carrier Sense Errors            = 0
Frames Too Long                 = 0
Internal MAC Receive Errors     = 0

 

BUT, output from 'netstat -p tcp' still got packets retransmitted.

 

bash-3.00# netstat -p tcp
tcp:
        3823384779 packets sent
                321395757 data packets (74136364 bytes)
                421730274 data packets (1381614534 bytes) retransmitted
                568273750 ack-only packets (3323875922 delayed)
                1 URG only packet
                117429 window probe packets
                195271 window update packets
                2933892184 control packets
        3024480715 packets received
                2841148006 acks (for 1933139618 bytes)
                1223890911 duplicate acks
                0 acks for unsent data
                4031193858 packets (2388253530 bytes) received in-sequence
                2538 completely duplicate packets (1426637 bytes)
                79174 packets with some dup, data (80039756 bytes duped)
                482718 out of order packets (546914928 bytes)
                772 packets (2737251106 bytes) of data after window
                11183 window probes
                2127913153 window update packets
                1621254 packets received after close
                0 segments discarded for bad checksum
                0 bad TCP segments dropped due to state change
        2791514658 connection requests
        2237770043 connection accepts
        734317405 connections established (including accepts)
        833295652 connections closed (including 106570227 drops)
        100831136 embryonic connections dropped
        1351937170 segments updated rtt (of 1351937170 attempts)
        413405150 retransmit timeouts
                736161 connections dropped by rexmit timeout
        117429 persist timeouts
        1086257767 keepalive timeouts
                1086231198 keepalive probes sent
                6329 connections dropped by keepalive
        103663533 connect requests dropped due to full queue
        100793160 connect requests dropped due to no listener
        0 suspect connect requests dropped due to aging
        0 suspect connect requests dropped due to rate


0 Kudos
Reply
Bill Hassell
Honored Contributor

‎07-06-2012 10:36 AM

‎07-06-2012 10:36 AM

Re: tune for TCP connection

Intermittant 700ms ping times to the gateway indicate a serious problem with the gateway box.Is your gateway box also your switch connection? You may want to bypass the switch and gateway with a direct cable to an adjacent system (like a laptop). That way, you eliminate any network issues with the switch or gateway.

 

I am assuming that ping to your own address is consistently 0ms. If not, you may have a bad LAN card.



Bill Hassell, sysadmin
0 Kudos
Reply
akio_kabutogi
Advisor

‎07-07-2012 06:10 AM - edited ‎07-07-2012 06:12 AM

‎07-07-2012 06:10 AM - edited ‎07-07-2012 06:12 AM

Re: tune for TCP connection

I agree with Bill's comment:

> Intermittent 700ms ping times to the gateway indicate a serious problem with the gateway box.Is your gateway box also your switch connection?

 

But I am afraid:

 

> I am assuming that ping to your own address is consistently 0ms. If not, you may have a bad LAN card.

 

is not correct. Any traffic to the address of the local system will not go down to the card driver. Packets destined to the address of its own will be loopbacked at IP layer. Thus, if you see >0ms with that, it indicates the system is just overloaded.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.