Connection refused cause of the problem are generally three types:
1. Open the port server does not have such direct that would Connection refused, not intermittent, can be directly excluded;
2. The server firewall is not open whitelist external docking with a lot of the time, is the need to export the company added other ip firewall white list, which will direct Connection refused, not intermittent, it can be directly excluded;
Set on a small backlog 3. Server, causing the connection queue is full, the server may report Connection refused, or Connecttion reset by peer, look at this set of connections on the server queue is full;
The exception stack detailed information is as follows:
And keeping method:
He is a native method, not surprisingly. Because it is docking with third-party cloud service providers, so that they can check the backlog size of the server configuration, where the recall process tcp three-way handshake.
The first step: client sends syn to the server to initiate a handshake;
Step Two: server after receiving the reply syn syn + ack to the client;
The third step: client receives syn + ack, ack acknowledge the receipt of a reply to server the server syn + ack;
Tcp is connected to the sheet of FIG follows:
1. The server calls bind () & listen () after the function, listens to a local port;
2. Client hair SYN, the server receives the connection state to the SYN_RCVD, into the semi-connected connection queue, and replies to the Client syn + ack;
3. The client receives syn + ack, client connection state to ESTABLISHED, reply ack, the connector into full connection queue.
Wherein the connection queue to see half the size: max (64, / proc / SYS / NET / IPv4 / tcp_max_syn_backlog )
The above is the configuration on my machine semi-connected, with the large, 260,000.
全连接队列的大小: min(backlog, somaxconn), backlog是在socket创建的时候传入的,somaxconn是一个os级别的系统参数。
代码涉及到Socket这一层的操作时,需要自己传backlog的大小,否则默认值是50.
public ServerSocket(int port, int backlog) throws IOException {
this(port, backlog, null);
}
所有上面Connection Refused很容易因为backlog设置的太小而发生,例如,nginx的配置就有backlog, 默认是511,Tomcat 默认是100。
一般来说,如果是公司自己的服务器,可以通过TCP建连接的时候全连接队列(accept队列)满了,通过一些命令可以查询队列情况:
netstat -s 命令
通过netstat -s | egrep "listen" 看队列的溢出统计数据,多执行几次,看全连接队列overflow次数有没有增长:
ss 命令
上面看Send-Q的值就是listen端口上全连接队列的最大值,Recv-Q就是当前全连接队列用了多少。
netstat跟ss命令一样也能看到Send-Q、Recv-Q这些状态信息,不过如果这个连接不是Listen状态的话,Recv-Q就是指收到的数据还在缓存中,还没被进程读取,这个值就是还没被进程读取的 bytes;而 Send 则是发送队列中没有被远程主机确认的 bytes 数。
因此如果出现间歇性Connection Refused,检查是否有设置backlog, backlog设置的是否过小。