Re: tcp connection limit exceeded msgs

Guessing out loud... did anyone have a port scanner running?

-Craig

johnpitman <johnpitman@xxxxxxxxxxxxxxx> wrote:
N series , 1 x 220Hgz cpu, 1 GB ram, 1 x 18GB, 1 x 36gb hdd MPE 7.5.02

During a normal day we have up to 220 sessions, maybe 30-50 jobs running.
95% of the sessions are network vt-mgr connections. Maybe occasions when
memory bound, but overall ok performance.

Saturday morning get a call that only one guy can log on....get on my vpn
from home. I can ping the system, and other devices on the network, but
reflections wont connect, nor will telnet......
After getting the one logged on user to log off, I can get on, and actually
open 4 sessions. Eventually I see 'tcp connection limit exceeded' msgs on
console. In nettool->status->tcpstat->tcpglobal I see that connections
currently open is sitting on configured limit.....2048
In the end I drove into work , but I couldn't see any obvious source of all
the connections. We have a pc that does ftps from system every minute, but
it was behaving normally. I stopped Jinetd job, no change. I stopped the
jdbc job, no change, or maybe a little - the current connections count
drifted down as low as 2036, but then climbed again.
I shutdown the network, restarted it, current connections went straight to
1823.....who are they?
In the end I configured the max connections up to 4096, and rebooted it.
Currently (couple of hours later), with 3 sessions, a couple of jobs, and
the occasion ftp process, connections open is 88. In the last 10mins crept
up to 98...

Any idea how one finds out who all the connectees are please? This smells a
little like the attack we had on our firewall a while ago....

TIA

jp

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *



---------------------------------
Get your email and more, right on the new Yahoo.com

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

.

Relevant Pages

  • tcp connection limit exceeded msgs
    ... During a normal day we have up to 220 sessions, maybe 30-50 jobs running. ... 95% of the sessions are network vt-mgr connections. ...
    (comp.sys.hp.mpe)
  • Re: maximum number of sessions
    ... I am interested in the maximum number of sessions not connections. ... I.e I can have 15 mapped drives from one machine to ... We have 6 pcs connecting to a 7 pc we call our server. ...
    (microsoft.public.windowsxp.network_web)
  • RE: Multiple entries of the same user under "Current Sessions"
    ... FTP clients, or through the command-line? ... you may well see multiple entries in the 'current sessions' list that ... several sessions open simultaneously.) ... I will see 2 connections, ...
    (microsoft.public.inetserver.iis.security)
  • Re: Exchange 2003 SMTP Current Sessions
    ... Also, I was asking really about the SMTP sessions themselves, long before ... Use a RBL if you must, but pick the one you use with care. ... RBLs don't block spam, they block connections. ...
    (microsoft.public.exchange.admin)
  • Re: Performance problem on initial call of stored procedure
    ... If problem is job startup cost, perhaps tuning prestart jobs will help. ... It is referenced that qsqsrvr in qsyswrk handles the jdbc connections, ... the problem queries from the sql session in navigator, ...
    (comp.sys.ibm.as400.misc)