- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- SYN_RCVD messages !!
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-11-2006 10:04 AM
тАО10-11-2006 10:04 AM
SYN_RCVD messages !!
I'm lossing the connection with mi Application Server (Bea Weblogic) throught 9001 port. When i check the netstat status, i receive the next information:
tcp 0 1 130.10.16.4.9001 130.20.180.44.4783 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.180.44.4785 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.218.40.4874 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.180.44.4780 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.180.44.4819 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.218.40.4876 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.180.44.4777 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.180.44.4798 SYN_RCVD
tcp 0 1 130.10.16.4.9001 130.20.180.44.4781 SYN_RCVD
I was searching in the web an i found the next information about the SYN_RCVD message:
A half open TCP connection is stored in the TCP Half Open Queue in the state "SYN_RCVD". It should take less than one second for a TCP connection to transition from the "SYN_RCVD" state to the "ESTABLISHED" state. The only time you will ever see a connection in the "SYN_RCVD" state is during a SYN flood.
Some body has an idea ?
Thank's in advance !!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-11-2006 05:32 PM
тАО10-11-2006 05:32 PM
Re: SYN_RCVD messages !!
130.20.180.44 and 130.20.218.40 - a these addrs are known to you? Are they are able to be flooders?
Possibly your server cannot process incoming connections, i.e. it can not call accept() system call on them so they hang in incoming connections queue for long time
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-12-2006 05:34 AM
тАО10-12-2006 05:34 AM
Re: SYN_RCVD messages !!
Thank's in advance!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-12-2006 10:24 AM
тАО10-12-2006 10:24 AM
Re: SYN_RCVD messages !!
Another explanation might be that the system's performance is too low for the current load.
Has your application ever been performance tested? This is usually done by using another program on one or more other servers to send requests to your application at a pre-selected speed, or even as fast as possible. The amount of completed requests is then monitored. The testing program needs to be configured to create exactly the same kind of queries that your application users normally do.
Another thing to do is profiling: running an application with profiling enabled slows it down (sometimes a lot!), but it produces information that can be used to find out the parts of the code that the application is spending most of its execution time. This helps a lot in analyzing and fixing performance problems.
With Java applications, you can also take a "thread dump" at any time. You can send a "kill -QUIT" to the Java Virtual Machine: it won't stop the JVM, but it causes the JVM to print out the status of all the threads the JVM is running at the moment, including the name of the method each of the threads is running in.
For example, Bea Weblogic has a concept of "execute threads". At least the earlier versions had a limited number of them: if all of them are tied up in e.g. database queries, the Weblogic server cannot accept any new connections until at least one execute thread becomes free. The result might look just like your case.
In our internal development projects we have generally noticed this: if an application has not undergone performance testing during development, it may very well contain design mistakes and/or inefficient programming techniques that limit its performance. It may be very difficult to correct those mistakes afterwards without scrapping at least part of the design an re-implementing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-12-2006 10:30 AM
тАО10-12-2006 10:30 AM
Re: SYN_RCVD messages !!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-12-2006 12:54 PM
тАО10-12-2006 12:54 PM
Re: SYN_RCVD messages !!
The remote's ACK of our SYN _should_ be automagic in the remote's transport, but _could_ I suppose be delayed waiting to give the remote client application a chance to send a request to be piggybacked with the ACK.
Presumably, we will keep retransmitting our SYN until the remote ACKs or we hit the tcp_ip_abort_cinterval setting. You may see an increase in TCP retransmission timeouts recorded in netstat -p tcp output without corresponding increases in data segments retransmitted. Of course, if there are general packet loss problems between the server and the clients, you will see data segments being retransmitted too.
Some "general goodness" things to check:
*) That pings have no losses between the client(s) and the server
*) Check the lanadmin statistics on the server and see if it is in half-duplex and recording _late_ collisions. That _could_ be an indication of a duplex mismatch - search the archives talking about autoneg for more on that one.