So I am working on a basic client/server school project. The server is running on port 10'000. The problem is whenever I manually close the server (CTRL+C) the local TCP connection on port 10'000 stays alive for a minute or so. It gets into a "TIME_WAIT" state. Is there any way I can kill the connection right away and start using it directly? Linux btw.
Thanks!
I hope that undestand you correctly. Try fuser -k 10000/tcp it should help
I think you can use setsockopt() function with SO_REUSEADDR option. It should allow you to bind to the same address and port of application which you have just terminated.
Here is example of using SO_REUSEADDR:
How do I use setsockopt(SO_REUSEADDR)?
Related
In my application, I bind a socket to the port 38614.
While in test, I find sometime the port is used by another application.
So I failed to bind on it and get the error, "Address already in use".
I did some research, and find I could set the parameter /proc/sys/net/ipv4/ip_loca_port_range to reserve the port for my application.
So I add a new line "net.ipv4.ip_local_port_range = 50000 60000" to the file /etc/sysctl.conf.
Then I reboot the system.
But I still find a port 34660 out of the range which I set is used by some application.
[root#xxxx ~]# netstat -apn | grep fe80::cef1:3
tcp6 0 0 fe80::cef1:12345 fe80::cef1:34660 ESTABLISHED 2401/xxxx
So what should I do to reserve some ports for my application?
Could anyone give me some advice?
Another method is using a small port, such as 1001 which is not used by any other application, but I do not think it is a good idea for the ports smaller than 1024 are reserved for well-known ports.
===============================================================
I have found the answer of the question "how do I reserve ports for my application?"
While I don't think it is a good idea, for it is difficult to make sure that our application runs earlier than any other application. Actually my application has to start after another application which does some prepare for my application.
The linux system may assign any port in the port pool to any application when it need a port.
===============================================================
The parameter "ip_local_reserved_ports" is similar to "ip_local_port_range", they are in the same folder, and it is much more difficult to be tested. In my test the parameter "ip_local_port_range" doesn't work as our expect, so I don't believe the "ip_local_reserved_ports" is ok.
B.R.
Forward
The idea to reserve the port is to block the usage of this port for an outgoing connection. I mean if you have a potential service that will open for LISTEN the port 8080, if you don't reserve it, and the range of ports include this port, could conflict with a outgoing connection that randomly uses 8080 as "source port".
I'm quoting answers of how do I reserve ports for my application?
You could try with:
sysctl -w net.ipv4.ip_local_reserved_ports = 49000, 49001
drop it in /etc/sysctl.conf, and then run sysctl -p.
To ensure the kernel won't give out 49000 and 49001 to clients as you wish to use them for your servers on linux.
Note that this is untested.
However, this is the accepted answer to the question:
Technically, there's no such thing as a "reserved port".
In TCP/UDP, the only way to "reserve" a port is to actually bind() a socket to it. A bound port will not be used by other applications; an unused port is, well, unused so other applications are free to use it.
If you are writing server software, then you can bind your sockets to specific ports as early as you want in the application code. Make the port numbers configurable, or at least clearly state them in the documentation, so that a systems administrator can quickly identify clashes and move conflicting applications to separate servers.
I want to create a page that simulates a hung/frozen web page. For example, I could use a really long "sleep" in PHP. But if I wanted to make this a public tool, I could well imagine this might eat up server resource (sockets, memory, etc - I'm not that experienced at this level of abstraction) and eventually cause real problems for the server.
I don't want to simply close the socket with the client, because that would not provide the type of "waiting" behavior I want to simulate.
The solution doesn't have to be PHP related. That was just an example. It can be any language and/or web server. The only criteria is FOSS on Linux.
You can simply use netcat to listen on a port and return nothing.
nc -l localhost 8080
Or if you wanted it to continue listening when the client has closed the connection
while (TRUE); do nc -l localhost 8080; done
edit: some versions of nc have the -k option to force netcat to continue listening after the socket is closed. In those cases you don't need to loop.
I am interested in finding out when things SSH into my boxen to create a reverse tunnel. Currently I'm using a big hack - just lsof with a few lines of script. So my goal is to see when a socket calls bind() and, ideally, get the port it binds to (it's listening locally since it's a reverse tunnel) and the remote host that I would be connecting to. My lsof hack is basically fine, except I don't get instant notifications and it's rather... hacky :)
This is easy for files; once a file does just about anything, inotify can tell me in Linux. Of course, other OSs have a similar capability.
I'm considering simply tailing the SSHD logs and parsing the output, but my little "tunnel monitor" daemon needs to be able to figure out the state of the tunnels at any point in time, even if it hasn't been running the whole time SSHD has.
I have a pretty evil hack I've been considering as well. It's a script that invokes GDB on /usr/sbin/sshd, then sets a breakpoint on bind. Then it runs it with the options -d -p <listening port> -- Running a separate SSHD for these tunnels is fine. Then it waits for that breakpoint to get hit, and uses GDB's input to get the remote hosts's IP address and the local IP on which SSH is now listening. Again, that's text parsing and opens some other issues.
Is there a "good" way to do this?
I would use SystemTap for a problem like this. You can use it to probe the kernel to see when a bind is done by any process on the system. http://sourceware.org/systemtap/
Folks,
My environment is Ubuntu 12.04.
Here is a pseudo-code for my TCP server application that is listening for a connection:
while(true) {
int hConn = accept(hMain, NULL, NULL);
string s = readClient(hConn);
if (s == "quit") {
close(hConn);
}
}
While my server is running, I telnet to localhost at port nnnn:
$ telnet localhost nnnn
quit
Connection closed by foreign host.
$
When the server receives "quit," it closes the client connection. This causes the telnet client to quit with an appropriate message.
So far so good.
However, when I run netstat, I can still see that the client connection is still alive.
It takes a few seconds for the connection to disappear.
This happens even if I force quit my server app.
If I run my server app once again, I get an error that port "nnnn" is still in use.
I have to wait for a few seconds before I can run my server app once again.
Is there something that I am missing? Is there a way to fix this behavior?
Note that I am indeed closing socket hMain when quitting the server although this is not shown in the above pseudo-code.
Thank you in advance for your help.
Regards,
Peter
You need to be aware of the TIME_WAIT state, which provides that TCP connections which have been closed hang around for a couple of minutes for TCP security/integrity reasons.
The problem with restarting your server can be overcome via the SO_REUSEADDR option.
I want a server to listen for a connection from 100.0.0.0:3000. When the connection occurs, it should then open up a new connection to 200.0.0.0:3000 and maintain exact data forwarding from the first connection to the second one.
Note, this is not HTTP.
I am not an expert with NodeJS's connection utilities, so the attempt I have is an error-fraught mess that's simply not working (I can show you if I like). I'm sure there is a simple way to do this. Thanks.
Check out this proxy: https://github.com/gonzalo123/nodejs.tcp.proxy/blob/master/proxy.js.
Really simple. Does the job :)
You could use HAProxy or IPTables to forward ports.