our server suffered a serious connection timeout problem, so we track tcp connection with tcptrack
we found out that, if the client started to connect to the server, tcptrack shows the connection, but in SYN_SENT status, and netstat -nat
shows nothing. (tcptrack & netstat all runs on the server)
- does this mean the syn request reached the server? and no syn/ack was sent back?
- why the tcptrack could report this connection but netstat could not?
- what could be the problem that a general apache could not establish a connection with the client?
i did a bench test using ab
in the same intranet, to the specified NIC, it handled 10000 concurrent connection and 400000 requests ok
ps: this doesn't happen every time, but did happened a lot
pps: is there any good tools to trace where the tcp connection was lost?
Best Answer
It means the SYN was sent by the client and either didn't reach the server, the server didn't reply to it, or the server opted to reply to it without keeping track of it. The server does not need to keep track of every SYN reply it sends (and can use SYN cookies) because they may be spoofed and doing so creates a risk of denial of service attacks.