View the number of TCP connections in linux


 

https://blog.csdn.net/he_jian1/article/details/40787269

 

 

 

1. Check which IPs are connected to the machine

netstat -an

2. View the number of TCP connections

1) Count the number of connections on port 80
netstat -nat|grep -i "80"|wc -l

2) Count the number of httpd processes
ps -ef|grep httpd|wc -l

3) Count the connections whose status is ESTABLISHED
netstat -na|grep ESTABLISHED|wc -l

4) Find out which IP address has the most connections and block it.
netstat -na|grep ESTABLISHED|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c|sort -rn

netstat -na|grep SYN|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c|sort -rn
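
The per-IP count in step 4 splits on the first colon, which returns an empty string for IPv6 and IPv4-mapped peers, and grep "80" in step 1 also matches port 8080 and addresses containing 80. The following is an added example, not part of the original post, that matches the local port exactly and handles IPv6; the helper names and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Constructed `netstat -nat` output (documentation addresses, not real data).
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51514      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51515      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51516      SYN_RECV
tcp        0      0 192.0.2.10:8080         203.0.113.80:40000      ESTABLISHED
tcp        0      0 192.0.2.10:22           203.0.113.5:50122       ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.9:4021 ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::beef:33000    TIME_WAIT
EOF
}

# peers_by_state STATE PORT [MIN]  (hypothetical helper)
# Reads netstat output on stdin and prints "count ip" for remote peers that
# hold at least MIN connections in STATE to local PORT, busiest first.
peers_by_state() {
    awk -v st="$1" -v port="$2" -v min="${3:-1}" '
    /^tcp/ && $NF == st {
        lport = $4; peer = $5
        sub(/^.*:/, "", lport)       # text after the LAST colon is the port
        if (lport != port) next      # exact match: 8080 is not 80
        sub(/:[^:]*$/, "", peer)     # drop the remote port, keep IPv6 colons
        sub(/^::ffff:/, "", peer)    # unwrap IPv4-mapped IPv6 addresses
        n[peer]++
    }
    END { for (ip in n) if (n[ip] >= min) print n[ip], ip }' |
    sort -k1,1nr -k2,2
}

# naive_count: the grep "80" approach from step 1, kept for comparison.
naive_count() { grep -c "80"; }

sample_netstat | peers_by_state ESTABLISHED 80
```

On the sample, the grep approach counts 7 lines, while only 5 connections actually terminate on local port 80.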

---------------------------------------------------------------------------------------------

1. View the current number of concurrent accesses of apache:
netstat -an | grep ESTABLISHED | wc -l

Compare this number with the MaxClients value in httpd.conf.

2. Check how many processes there are:
ps aux|grep httpd|wc -l

3. You can use the following parameters to view the data
server-status?auto

# ps -ef|grep httpd|wc -l
1388
This counts the number of httpd processes. Every request is served by its own Apache process.
The result means that Apache can handle 1388 concurrent requests; Apache adjusts this value automatically according to the load.

# netstat -nat|grep -i "80"|wc -l
4341
netstat -an prints the current network connection status of the system, grep -i "80" extracts the connections related to port 80, and wc -l counts them.
The number returned is the total number of current requests on port 80. Note that grep "80" matches any line containing the string 80 (port 8080 or an address containing 80, for example), so the figure can overcount.

# netstat -na|grep ESTABLISHED|wc -l
376
netstat -an prints the current network connection status of the system, grep ESTABLISHED extracts the established connections, and wc -l counts them.
The number returned is the total number of currently established connections. Because this command has no port filter, it covers every port, not only port 80.

netstat -nat|grep ESTABLISHED
shows the detailed records of all established connections.

View the number of concurrent requests of Apache and its TCP connection status:
  Linux command:
netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

Example of returned result, with the meaning of each state:

TIME_WAIT 8947: Wait enough time to ensure that the remote TCP receives the acknowledgment of its connection interruption request

FIN_WAIT1 15: Waiting for a remote TCP connection interruption request, or an acknowledgment of a previous connection interruption request

FIN_WAIT2 1: Waiting for a connection interruption request from the remote TCP

ESTABLISHED 55: Represents an open connection

SYN_RECV 21: After receiving and sending a connection request, wait for the other party's confirmation of the connection request

CLOSING 2: No connection status

LAST_ACK 4: Wait for the acknowledgment of the original connection interruption request sent to the remote TCP

Detailed explanation of TCP connection status 

LISTEN: Listen for connection requests from remote TCP ports

SYN-SENT: After sending a connection request, wait for a matching connection request

SYN-RECEIVED: After receiving and sending a connection request, wait for the other party's confirmation of the connection request

ESTABLISHED: Represents an open connection

FIN-WAIT-1: Waiting for a remote TCP connection interruption request, or an acknowledgment of a previous connection interruption request

FIN-WAIT-2: Waiting for connection interruption request from remote TCP

CLOSE-WAIT: Waiting for a connection disconnect request from the local user

CLOSING: Waiting for remote TCP acknowledgment of connection interruption

LAST-ACK: Wait for the acknowledgment of the original connection interruption request sent to the remote TCP

TIME-WAIT: Wait enough time to ensure that the remote TCP receives an acknowledgment of the connection interruption request

CLOSED: No connection status


 

---------------------------------------------------------------------------------------------

 

View the number of Apache concurrent requests and their TCP connection status

 

Check the number of httpd processes (that is, the number of concurrent requests that Apache can handle in prefork mode):

  Linux command:

 

ps -ef | grep httpd | wc -l

 

  Example of returned result:

  1388

  It means that Apache can handle 1388 concurrent requests. Apache can automatically adjust this value according to the load. The peak value of each server in my group has reached 2002.

 

View the number of concurrent requests of Apache and its TCP connection status:

  Linux command:

 

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

Example of returned result:

  LAST_ACK 5

  SYN_RECV 30

  ESTABLISHED 1597

  FIN_WAIT1 51

  FIN_WAIT2 504

  TIME_WAIT 1057

  Among them, SYN_RECV indicates the number of requests waiting to be processed; ESTABLISHED indicates the normal data transmission status; TIME_WAIT indicates the number of requests that are processed and waiting for the timeout to end.

  Status description:

  CLOSED: No connection is active or in progress

  LISTEN: The server is waiting for an incoming call

  SYN_RECV: A connection request has arrived, waiting for confirmation

  SYN_SENT: The application has started to open a connection

  ESTABLISHED: Normal data transfer status

  FIN_WAIT1: The application has said it is finished

  FIN_WAIT2: The other side has agreed to release

  TIMED_WAIT: Wait for all packets to die

  CLOSING: Both sides try to close at the same time

  TIME_WAIT: The other side has initiated a release

  LAST_ACK: Wait for all packets to die

 

 

 

 

If it is found that there are a large number of connections in the TIME_WAIT state in the system, it can be solved by adjusting the kernel parameters. Edit the file
vim /etc/sysctl.conf
and add the following content:
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
and then execute /sbin/sysctl -p to make the parameters take effect.

net.ipv4.tcp_syncookies = 1 enables SYN cookies: when the SYN wait queue overflows, cookies are used to handle the requests, which protects against small-scale SYN attacks. The default value is 0, which means disabled.
net.ipv4.tcp_tw_reuse = 1 enables reuse: TIME-WAIT sockets are allowed to be reused for new TCP connections. The default is 0, which means disabled.
net.ipv4.tcp_tw_recycle = 1 enables fast recycling of TIME-WAIT sockets in TCP connections. The default is 0, which means disabled. This option breaks connections from clients behind NAT and was removed in Linux 4.12, so leave it out on current kernels.
net.ipv4.tcp_fin_timeout = 30 changes the default timeout of the system.

The meaning of the TIME_WAIT state is attached below:

After the client establishes a TCP/IP connection with the server and then closes the socket, the port of the server-side connection is in the TIME_WAIT state.

Do all sockets that are actively closed enter the TIME_WAIT state? Is there any situation in which an actively closed socket goes directly to the CLOSED state?

The party that actively closes enters the TIME_WAIT state after sending the last ACK and stays there for 2MSL (max segment lifetime). This is essential to TCP/IP, that is, it cannot be "solved"; the TCP/IP designers originally designed it this way. There are two main reasons:
1. Prevent packets of the previous connection from reappearing after getting lost and affecting the new connection (after 2MSL, all duplicate packets of the previous connection will have disappeared).
2. Close the TCP connection reliably. The last ACK (FIN) sent by the actively closing party may be lost, in which case the passive party resends its FIN. If the active party were in the CLOSED state at that point, it would respond with RST instead of ACK. So the active party should be in the TIME_WAIT state, not CLOSED.

TIME_WAIT is not very resource-intensive unless the host is attacked. Also, if one party's send or recv times out, the socket goes directly to the CLOSED state.















How to reasonably set the maximum number of connections for apache httpd?

There is a website at hand with an increasing number of people online that has become slow to access. It was initially thought that the server resources were insufficient, but repeated tests showed that once a connection is established, clicking different links on the same page opens them quickly. This means that the maximum number of Apache connections is full: new visitors have to queue for an idle connection, whereas an established connection does not need to be reopened within the keepalive lifetime (KeepAliveTimeout, default 5 seconds). The solution is therefore to increase the maximum number of Apache connections.

1. Where to set it up?
With apache 2.24 and the default configuration (FreeBSD does not load the custom MPM configuration by default), the default maximum number of connections is 250.

Load the MPM configuration in /usr/local/etc/apache22/httpd.conf (remove the leading comment mark):
# Server-pool management (MPM specific)
Include etc/apache22/extra/httpd-mpm.conf

As you can see, the MPM configuration is in /usr/local/etc/apache22/extra/httpd-mpm.conf, but it is divided into many blocks according to the working mode of httpd. Which one is the current working mode of httpd? It can be checked by executing apachectl -l:
Compiled in modules:
              core.c
              prefork.c
              http_core.c
              mod_so.c

See the word prefork, so it can be seen that the current httpd should be working in prefork mode. The default configuration of prefork mode is:
<IfModule mpm_prefork_module>
                StartServers 5
                MinSpareServers 5
                MaxSpareServers 10
                MaxClients 150
                MaxRequestsPerChild 0
</IfModule>

2. How much to add?

In theory, the larger the number of connections, the better, but it must be within the capabilities of the server, which is related to the server's CPU, memory, and bandwidth.

To view the current number of connections, use:
ps aux | grep httpd | wc -l

or:
pgrep httpd|wc -l

To calculate the average amount of memory occupied by an httpd process:
ps aux|grep -v grep|awk '/httpd/{sum+=$6;n++};END{print sum/n}'

Since they are basically static pages, the CPU consumption is very low, and each process occupies a small amount of memory, about 200K.

The server has 2G of memory. Apart from the routinely started services, which take about 500M (a conservative estimate), 1.5G is left available, so theoretically it can support 1.5*1024*1024*1024/200000 = 8053.06368,

that is, about 8K processes. Supporting 20,000 people accessing at the same time should be no problem (8K people are guaranteed fast access; the others may need to wait 1 or 2 seconds to connect, and once connected everything is very smooth).

MaxClients controls the maximum number of connections, so you can try to configure it as:
<IfModule mpm_prefork_module>
                StartServers 5
                MinSpareServers 5
                MaxSpareServers 10
                ServerLimit 5500
                MaxClients 5000
                MaxRequestsPerChild 100
</IfModule>

Note that MaxClients defaults to a maximum of 250. To exceed this value, ServerLimit must be set explicitly, ServerLimit should be placed before MaxClients, and its value must not be less than MaxClients; otherwise there will be a prompt when restarting httpd.

After restarting httpd, you can observe the number of connections by repeatedly executing pgrep httpd|wc -l. You will see that the number of connections stops increasing once it reaches the MaxClients setting, yet website access is very smooth at this point, so there is no need to be greedy and set it higher. Otherwise, if website traffic suddenly increases, the server memory will be exhausted. You can adjust the value gradually according to future load trends and changes in memory usage until you find an optimal setting.

(MaxRequestsPerChild cannot be set to 0, as it may cause the server to crash due to memory leaks)
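
The rules above (explicit ServerLimit, placed before and not less than MaxClients, non-zero MaxRequestsPerChild, and a MaxClients that fits in free memory) can be checked before restarting httpd. This is an added example, not part of the original post; the check_prefork helper and the sample block are constructed, the 250 threshold is the default quoted in the text, and the average RSS in KB and the available MB are supplied by the caller.

```shell
#!/bin/sh
# Constructed prefork block containing the mistakes the text warns about.
sample_conf() {
cat <<'EOF'
<IfModule mpm_prefork_module>
    StartServers 5
    MaxClients 5000
    ServerLimit 4000
    MaxRequestsPerChild 0
</IfModule>
EOF
}

# check_prefork AVG_RSS_KB AVAIL_MB  (hypothetical helper)
# Reads an MPM config on stdin, prints one finding per line, or "OK".
# The 250 threshold is the default quoted in the text above.
check_prefork() {
    awk -v rss="$1" -v avail="$2" '
    function flag(msg) { print msg; bad++ }
    /^[ \t]*<IfModule[ \t]+mpm_prefork_module>/ { inblk = 1; next }
    /^[ \t]*<\/IfModule>/                       { inblk = 0 }
    !inblk { next }
    $1 == "ServerLimit"         { sl = $2 + 0; sl_at = NR }
    $1 == "MaxClients"          { mc = $2 + 0; mc_at = NR }
    $1 == "MaxRequestsPerChild" { if ($2 + 0 == 0) zero_mrc = 1 }
    END {
        if (mc > 250 && !sl_at) flag("MaxClients " mc " needs an explicit ServerLimit")
        if (sl_at && sl < mc)   flag("ServerLimit " sl " is less than MaxClients " mc)
        if (sl_at > mc_at && mc_at) flag("ServerLimit must be placed before MaxClients")
        if (zero_mrc)           flag("MaxRequestsPerChild is 0")
        need = int(mc * rss / 1024)     # MB used if every child is busy
        if (need > avail) flag("MaxClients needs " need " MB, only " avail " MB free")
        if (!bad) print "OK"
    }'
}

sample_conf | check_prefork 200 1536
```

Feed it the real file with the measured average from the ps command above, for example check_prefork 200 1536 < httpd-mpm.conf.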

Formula for better maximum calculation:

apache_max_process_with_good_performance < (total_hardware_memory / apache_memory_per_process ) * 2
apache_max_process = apache_max_process_with_good_performance * 1.5

Attachment:

Real-time detection of HTTPD connections:
watch -n 1 -d "pgrep httpd|wc -l"

 
