Check the number of connections on a port in Linux

Enterprise 2022-09-26 21:26:10 views: null

Linux check the number of connections on a port

1. Check which IPs are connected to the machine

netstat -an

2. View the number of TCP connections

1) Count the number of 80-port connections

netstat -nat | grep -i "80" | wc -l

2) Count the number of httpd protocol connections

ps -ef | grep httpd | wc -l

3) Statistics are connected, the status is "established"

netstat -anp | grep ESTABLISHED | wc -l

4), find out which IP address has the most connections and block it

netstat -anp | grep ESTABLISHED | awk {print $5}|awk -F: {print $1} | sort | uniq -c | sort -r +0n

netstat -anp | grep SYN | awk {print $5}|awk -F: {print $1} | sort | uniq -c | sort -r +0n

Example:

1. View the current number of concurrent accesses to Apache:

netstat -anp | grep ESTABLISHED | wc -l

Compare the difference in the number of MaxClients in httpd.conf.

2. Check how many processes there are:

ps to | grep httpd | wc-l

3. You can use the following parameters to view the data

# ps -ef | grep httpd | wc -l

1388

Count the number of httpd processes. Even a request will start a process for the Apache server.

Indicates that Apache can handle 1388 concurrent requests. This value can be automatically adjusted by Apache according to the load.

# netstat -ant | grep -i "80" | wc -l

4341

netstat -an will print the current network link status of the system, while grep -i "80" is used to extract connections related to port 80, and wc -l will count the number of connections. The final number returned is the total number of current requests for all 80 ports.

# netstat -anp | grep ESTABLISHED | wc -l

376

netstat -an will print the current network link status of the system, while grep ESTABLISHED will extract information about established connections. Then wc -l statistics. The final number returned is the total number of currently established connections for all 80 ports.

netstat -ant || grep ESTABLISHED | wc -

View detailed records of all established connections

View the number of concurrent requests of Apache and its TCP connection status:

# netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

TIME_WAIT 8947 Waited enough time to ensure that the remote TCP received an acknowledgment of the connection break request

FIN_WAIT1 15 Waiting for remote TCP connection interruption request, or confirmation of previous connection interruption request

FIN_WAIT2 1 Waiting for connection interruption request from remote TCP

ESTABLISHED 55 represents an open connection

SYN_RECV 21 After receiving and sending a connection request, wait for the other party's confirmation of the connection request

CLOSING 2 does not have any connection status

LAST_ACK 4 Wait for the acknowledgment of the original connection interruption request sent to the remote TCP

Detailed explanation of TCP connection status

LISTEN: Listen for connection requests from remote TCP ports

SYN-SENT: wait for a matching connection request after sending the connection request again

SYN-RECEIVED: After receiving and sending a connection request, wait for the other party's confirmation of the connection request

ESTABLISHED: represents an open connection

FIN-WAIT-1: Waiting for a remote TCP connection interruption request, or an acknowledgment of a previous connection interruption request

FIN-WAIT-2: Waiting for connection abort request from remote TCP

CLOSE-WAIT: Waiting for a connection disconnect request from the local user

CLOSING: Waiting for remote TCP acknowledgment of connection interruption

LAST-ACK: Wait for the acknowledgment of the original connection interruption request sent to the remote TCP

TIME-WAIT: Wait enough time to ensure that the remote TCP receives an acknowledgment of the connection interruption request

CLOSED: No connection status

SYN_RECV indicates the number of requests waiting to be processed;

ESTABLISHED indicates normal data transmission status;

TIME_WAIT indicates the number of requests that have been processed and waited for the timeout to end.

4. If it is found that there are a large number of connections in the TIME_WAIT state in the system, it can be solved by adjusting the kernel parameters.

because /etc/sysctl.conf

Edit the file and add the following:

net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_tw_recycle = 1

net.ipv4.tcp_fin_timeout = 30

then execute

/sbin/sysctl -p

Make the parameters take effect.

Attach the meaning of the TIME_WAIT state:

net.ipv4.tcp_syncookies = 1 means enable SYN cookies. When the SYN waiting queue overflows, enable cookies to deal with it, which can prevent a small number of SYN attacks. The default value is 0, which means it is closed;

net.ipv4.tcp_tw_reuse = 1 means to enable reuse. Allow TIME-WAIT sockets to be reused for new TCP connections, the default is 0, which means close;

net.ipv4.tcp_tw_recycle = 1 means to enable fast recycling of TIME-WAIT sockets in TCP connections, the default is 0, which means close.

net.ipv4.tcp_fin_timeout Modify the default TIMEOUT time of the system

5. After the client establishes a TCP/IP connection with the server and closes the SOCKET, the port status of the server connection is TIME_WAIT. Will all sockets that are actively closed enter the TIME_WAIT state? Is there any situation that makes the actively closed socket directly enter the CLOSED state?

After the party that actively shuts down sends the last ack, it will enter the TIME_WAIT state and stay for 2MSL (max segment lifetime) time. This is essential for TCP/IP, that is, it cannot be "solved". That's how the TCP/IP designers originally designed it.

There are two main reasons:

1. Prevent the packets in the previous connection from reappearing after getting lost, affecting the new connection (after 2MSL, all duplicate packets in the previous connection will disappear)

2. Reliably close the TCP connection. The last ack(fin) sent by the active closing party may be lost. At this time, the passive party will re-send the fin. If the active party is in CLOSED at this time

status, it will respond to rst instead of ack. Therefore, the active party must be in the TIME_WAIT state, not CLOSED. TIME_WAIT does not take up a lot of resources unless it is attacked. Also, if one party's send or recv times out, it will directly enter the CLOSED state.

6. How to reasonably set the maximum number of connections for Apache httpd?

There is a website with an increase in the number of online users, and the access is very slow. It was initially thought that the server resources were insufficient, but after repeated tests, once connected, click different links on the same page, and they can be opened quickly. This phenomenon means that the maximum number of apache connections is full. New visitors can only wait in line for an idle link, and once connected, they do not need to reopen the connection within the keepalive lifetime (KeepAliveTimeout, default 5 seconds), so the solution is to increase the maximum value of apache. Large number of connections.

1. Where is it set up?

apache 2.24, use the default configuration (FreeBSD does not load custom MPM configuration by default), the default maximum number of connections is 250

Load the MPM configuration in /usr/local/etc/apache22/httpd.conf (remove the previous comment):

# Server-pool management (MPM specific)

Include etc/apache22/extra/httpd-mpm.conf

The visible MPM configuration is in /usr/local/etc/apache22/extra/httpd-mpm.conf, but it is divided into many parts according to the working mode of httpd. Which one is the current working mode of httpd? You can view it by executing apachectl -l:

Compiled in modules:

core.c

prefork.c

http_core.c

mod_so.c

Seeing the word prefork, it can be seen that the current httpd should be working in prefork mode. The default configuration of prefork mode is:

<IfModule mpm_prefork_module>

StartServers 5

MinSpareServers 5

MaxSpareServers 10

MaxClients 150

MaxRequestsPerChild 0

</IfModule>

2. How much to add?

Theoretically, the larger the number of connections, the better, but it must be within the server's capacity, which is related to the server's CPU, memory, and bandwidth.

To view the current number of connections, use:

ps to | grep httpd | wc-l

or:

pgrep httpd|wc -l

Calculate the average amount of memory occupied by httpd:

ps aux|grep -v grep|awk '/httpd/{sum+=$6;n++};END{print sum/n}'

Since they are basically static pages, the CPU consumption is very low, and each process occupies a small amount of memory, about 200K.

The server memory has 2G, and it takes about 500M (conservatively estimated) except for the services that are normally started. There is still 1.5G available, so theoretically it can support 1.5*1024*1024*1024/200000 = 8053.06368

There are about 8K processes, and it should be no problem to support 2W people to access at the same time (it can ensure that 8K people can access quickly, others may need to wait 1 or 2 seconds to connect, and once connected, it will be very smooth)

MaxClients that controls the maximum number of connections, so try configuring as:

<IfModule mpm_prefork_module>

StartServers 5

MinSpareServers 5

MaxSpareServers 10

ServerLimit 5500

MaxClients 5000

MaxRequestsPerChild 100

</IfModule>

Note that MaxClients defaults to a maximum of 250. If the value exceeds this value, ServerLimit must be set explicitly, and ServerLimit must be placed before MaxClients, and the value should not be less than MaxClients, otherwise a prompt will be displayed when restarting httpd.

After restarting httpd, execute pgrep httpd|wc -l repeatedly to observe the number of connections. You can see that the number of connections does not increase after reaching the value set by MaxClients, but the access to the website is also very smooth at this time, so there is no need to be greedy. Set a higher value, otherwise, if the website access burst is not small in the future, the server memory will be consumed. You can gradually adjust it according to the future access pressure trend and memory usage changes until you find an optimal one. setting value.

(MaxRequestsPerChild cannot be set to 0, the server may crash due to memory leak)

The formula for the calculation of the optimal maximum value:

apache_max_process_with_good_perfermance < (total_hardware_memory / apache_memory_per_process ) * 2

apache_max_process = apache_max_process_with_good_perfermance * 1.5

7. Detect the number of httpd connections in real time:

watch -n 1 -d "pgrep httpd|wc -l"

Guess you like

Origin blog.csdn.net/qq_34556414/article/details/126918130
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com