HPE Community
Operating System - HP-UX
1846399 Members
3230 Online
110256 Solutions
New Discussion

CLOSE-WAIT

 
SOLVED
Go to solution
j773303
Super Advisor

‎03-28-2004 07:30 PM

‎03-28-2004 07:30 PM

CLOSE-WAIT

Does anyone knows how to remove a socket port which status is CLOSE-WAIT? Due to my customer write a socket program, caused the port 9994 in CLOSE_WAIT for a long time. Thanks.
Hero
0 Kudos
Reply
6 REPLIES 6
Hoefnix
Honored Contributor

‎03-28-2004 07:35 PM

‎03-28-2004 07:35 PM

Re: CLOSE-WAIT

Hi,

Read manpage of ndd. It should work but I never tested it because it seems a little tricky.

ndd -get /dev/tcp tcp_status |grep -e state -e TCP_CLOSE_WAIT

After that you can disconnect it like this:
ndd -set /dev/tcp tcp_discon 0x????????

HTH,
Peter
Reply
Fabio Ettore
Honored Contributor

‎03-28-2004 07:40 PM

‎03-28-2004 07:40 PM

Re: CLOSE-WAIT

Hi,

# ndd -get /dev/tcp tcp_status | grep -e state -e CLOSE_WAIT

and clear it by

# ndd -set /dev/tcp tcp_discon 0x

HTH.

Best regards,
Ettore
WISH? IMPROVEMENT!
Reply
Fabio Ettore
Honored Contributor

‎03-28-2004 07:41 PM

‎03-28-2004 07:41 PM

Re: CLOSE-WAIT

sorry Peter,
I am writing when you posted the message. Please no points here for me...

Ettore
WISH? IMPROVEMENT!
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎03-28-2004 07:42 PM

‎03-28-2004 07:42 PM

Solution

Re: CLOSE-WAIT

Here is how to do is using ndd;

The unorthodox method of using tcp_discon or tcp_discon_by_addr allows terminating of connections in the connections table without the need for a reboot. However, my advice is to use it only as a last resort.

To use the ndd -set /dev/tcp tcp_discon, you need the pointer to the TCP instance data. You can retrieve this via the ndd command tcp_status.

So, the scenario to find the TCP instance data and then use tcp_discon to remove
the instance is as follows:

# ndd -get /dev/tcp tcp_status
TCP dest snxt suna swnd cwnd rnxt rack rwnd rto mss [lport,fport] state

0183b8b4 015.043.233.086 533cb8ce 533cb8ce 00008000 00003000 533bc583 533bc583
00000000 02812 04096 [c00a,cea9] TCP_CLOSE_WAIT

So, if you wanted to remove this connection:
# ndd -set /dev/tcp tcp_discon 0x0183b8b4

If you want to use the tcp_discon_by_addr, you use a 24 byte string that contains the hex representation of the quadruple.

For example, if the connection that I want to delete is:

Local IP: 192.1.2.3 (0xc0010203)
Local Port: 1024 (0x0400)
Remote IP : 192.4.5.6 (0xc0040506)
Remote Port: 2049 (0x0801)

The "hex" string you pass to tcp_discon_by_addr is:

# ndd -set /dev/tcp tcp_discon_by_addr "c00102030400c00405060801"

NOTE: the preceding 0x that typically indicates a Hex number is NOT part of the
string passed.
Im from Palmerston North, New Zealand, but somehow ended up in London...
Reply
Hoefnix
Honored Contributor

‎03-28-2004 07:45 PM

‎03-28-2004 07:45 PM

Re: CLOSE-WAIT

Don't worry Ettore, it happens to me also.
You still deserve points because you toulk the time to inverstigate this problem.

Regards,
Peter
0 Kudos
Reply
rick jones
Honored Contributor

‎03-30-2004 05:11 AM

‎03-30-2004 05:11 AM

Re: CLOSE-WAIT

Bluntly put, your customer has a broken application. While you can indeed abort connections with ndd, doing so is a massive kludge.

CLOSE_WAIT is the state a TCP connection enters when the remote TCP has sent a FIN. This is communicated to the local application (via a read call returning zero) and it is then up to the application to do something. Either the connection is a valid send-only connection (receipt of a FIN only means that the remote will not send any more data, it says nothing about willingness to receive data), or the local application should be calling close().

The application is doubly broken if this connection being in CLOSE_WAIT is preventing the application from restarting - in this case the bug is the application not setting SO_REUSEADDR before attempting to bind() to its well-known port number.

Sooo...

Your customer needs to fix their application.
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.