Host inacessible on port 9983 after 24 hours

ron78 · April 18, 2021, 7:39am

Since February, I have my 2 hosts to create in 2017 who have trouble with port 9983. When, I start them all, it’s fine. 24 hours later, the host is inaccessible on port 9983 (even in localhost). Port 9982 is still accessible.

Well obviously siastats.info warned me, when not online.

I thought that I had a problem with CLOSE_WAIT? So I set my network parameters, it is evacuated every minute (normal operation under linux / ubuntu 16.04 LTS extended support).

The problem seems to arise when I reach 2000 connections.

Actually, my host work and I closed the creation of new contract:
Total: 253 (kernel 850)
TCP: 188 (estab 45, closed 7, orphaned 2, synrecv 0, timewait 3/0), ports 0

Transport Total IP IPv6

```
    850       -         -        
```

I would put the stats as soon as the host will no longer be accessible.

There is a maximum number defined in siac on port 9983 and one idea ?

ron78 · April 18, 2021, 8:11pm

The host is unavailable this night.

root@sial01s01:~# netstat -nap|grep 9983|grep -v WAIT|wc -l
37
root@sial01s01:~# netstat -nap|grep 9983|wc -l
149
root@sial01s01:~# !telnet
telnet 127.0.0.1 9983
Trying 127.0.0.1…
^C
root@sial01s01:~# telnet 127.0.0.1 9982
Trying 127.0.0.1…
Connected to 127.0.0.1.
Escape character is ‘^]’.
^]
telnet> quit
Connection closed.
root@sial01s01:~# !ss
ss -s
Total: 263 (kernel 697)
TCP: 186 (estab 52, closed 2, orphaned 1, synrecv 0, timewait 0/0), ports 0

Transport Total IP IPv6

```
    697       -         -        
```

RAW 0 0 0
UDP 11 7 4
TCP 184 24 160
INET 195 31 164
FRAG 0 0 0

one idea ?

Covalent · April 27, 2021, 10:34am

Do your ports show as open on https://www.yougetsignal.com/tools/open-ports/ ?
What you sent doesn’t mean much to me.

ron78 · April 28, 2021, 5:45am

Hello Covalentt,
I convert my linux to freebsd. The server takes better 12,000 connections per minute. However, do you know where the contracts are stored? siac can see the space taken up by the contracts but I have the contract Count = 9.

ron78 · May 4, 2021, 6:03am

Great I had found all contracts

Here is the conf, which I used under linux which was not enough to manage the 10,000 connections per minute.

into /etc/sysctl.conf file:

net.ipv4.tcp_keepalive_time = 10
net.ipv4.tcp_keepalive_probes = 2
net.ipv4.tcp_keepalive_intvl = 2

net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1

fs.file-max=1048576

Don’t act as a router

net.ipv4.ip_forward=0
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.default.send_redirects=0

Turn on execshild

kernel.exec-shield=1
kernel.randomize_va_space=2

Increase system IP port limits

net.ipv4.ip_local_port_range=2000 65000

Increase TCP max buffer size setable using setsockopt()

net.ipv4.tcp_rmem=4096 87380 8388608
net.ipv4.tcp_wmem=4096 87380 8388608

Increase Linux auto tuning TCP buffer limits

min, default, and max number of bytes to use

set max to at least 4MB, or higher if you use very high BDP paths

Tcp Windows etc

net.core.rmem_max=8388608
net.core.wmem_max=8388608
net.core.netdev_max_backlog=5000
net.ipv4.tcp_max_syn_backlog=5048

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

net.ipv4.route.flush=1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_ecn = 0

net.core.somaxconn=10000

security management

fs.suid_dumpable=0

Covalent · May 13, 2021, 10:03am

oof it’s been a bit since I went on here
For actual help, you should go on the sia discord https://discord.gg/sia