12-17-2008
Identify process owning TCP connection on Solaris 10
I've been seeing outgoing TCP connections on a SPARC Solaris 10 box, that look like these in the output of netstat:
xxxx.46396 ipXXXXXX.speed.planet.nl.telnet 8192 0 49664 0 TIME_WAIT
They come and go and sometimes last for hours.
I am looking for owners of active, established TCP connections - not for listening TCP sockets.
Is there any way to tell :
1) which process owns (or owned) this connection ?
2) when was the connection created ?
Things I already tried that do not work:
a) lsof
b) 'pfiles' and utilities based on it
Can Solaris ipfilter be use to track this down ?
Thanks.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
We have developed a server program using TCP/IP Communication to communicate with another client program. After running for some days we find the TCP/IP connection from the server program is getting slower.
What i mean to say is since the send() function in the server program (it is... (2 Replies)
Discussion started by: rajesh_puru
2 Replies
2. UNIX for Advanced & Expert Users
Hi Experts,
need help about release or refresh TCP Connection:
i have the sample like below :
application log connection:
0500 ( 192.168.0.1:36053) 00919 2007/05/10 23:30:25 112 13 2007/05/10 23:30:25 1969/12/31 17:00:00
0500 ( 192.168.0.1:36054) 00920 2007/05/10 23:30:26 000 00... (3 Replies)
Discussion started by: bucci
3 Replies
3. Shell Programming and Scripting
Hello,
I am trying to write a script in Perl which will send some data from a UNIX Box to a windows box. I am planning to create a TCP/IP communication port for the same. How do I go about this? Kindly help.
Regards,
Garric (50 Replies)
Discussion started by: garric
50 Replies
4. Programming
Hello. I would like to know how to close an existing tcp socket. I have read some stuff and learned how to create a socket and then close it but have not found anything about how to close an existing tcp socket created by another application. The situation is this: I have an ODBC server running and... (6 Replies)
Discussion started by: raidzero
6 Replies
5. IP Networking
Why this happens?
How to solve this?
$netstat -na |grep 9325
tcp 0 0 127.0.0.1:9325 127.0.0.1:9325 ESTABLISHED
When a client socket repeatedly tries to connect to an inactive(no server socket is listening on this port) local port,connect succeeds.
... (1 Reply)
Discussion started by: johnbach
1 Replies
6. Solaris
Hi everyone,
I am hoping anyone of you could help me in this weird problem we have in 1 of our Solaris 10 servers. Lately, we have been having some ftp problems in this server. Though it can ping any server within the network, it seems that it can only ftp to a select few. For most servers, the... (4 Replies)
Discussion started by: labdakos
4 Replies
7. Solaris
Hi,
I use solaris Unix .
I find there is some problem in application and it generate many "close-wait" tcp connect and stay in the server . it is generate by process id 7740
root@XX # netstat -an | grep CLOSE_WAIT | wc -l
285
root@XX # netstat -an | grep CLOSE_WAIT
10.158.35.4.34805 ... (2 Replies)
Discussion started by: abcdef
2 Replies
8. Programming
Hi.
I am writing client - server application using TCP sockets.
I need some very basic functionality, namely: how to check if another "participant" of the connection is still present?
I want to handle situations, when client is gone, or server breaks down, etc. (25 Replies)
Discussion started by: Shang
25 Replies
9. UNIX and Linux Applications
Good afternoon
i need your help, i am new at unix, in a ETL scenario like datastage is , there are a bunch of procesess (script shells) conecting to hetereogenius database source servers in order to extract information.
Ive got 2 questions
1. Using unix how can i identify exactly the... (1 Reply)
Discussion started by: alexcol
1 Replies
10. Solaris
I have problem with oracle solaris 10 running on oracle sparc T4-2 server.
Os information: 5.10 Generic_150400-03 sun4v sparc sun4v
Output from tcpstat.d script
TCP bytes: out outRetrans in inDup inUnorder
6833763 7300 98884 0... (2 Replies)
Discussion started by: insatiable1610
2 Replies
tcp(4p) tcp(4p)
Name
tcp - Internet Transmission Control Protocol
Syntax
#include <sys/socket.h>
#include <netinet/in.h>
s = socket(AF_INET, SOCK_STREAM, 0);
Description
The TCP protocol provides reliable, flow-controlled, two-way transmission of data. It is a byte-stream protocol used to support the
SOCK_STREAM abstraction. TCP uses the standard Internet address format and, in addition, provides a per-host collection of ``port
addresses''. Thus, each address is composed of an Internet address specifying the host and network, with a specific TCP port on the host
identifying the peer entity.
Sockets utilizing the TCP protocol are either ``active'' or ``passive''. Active sockets initiate connections to passive sockets. By
default TCP sockets are created active; to create a passive socket the system call must be used after binding the socket with the system
call. Only passive sockets can use the call to accept incoming connections. Only active sockets can use the call to initiate connections.
Passive sockets can ``underspecify'' their location to match incoming connection requests from multiple networks. This technique, termed
``wildcard addressing'', allows a single server to provide service to clients on multiple networks. To create a socket that listens on all
networks, the Internet address INADDR_ANY must be bound. The TCP port can still be specified at this time. If the port is not specified,
the system will assign one. Once a connection has been established, the socket's address is fixed by the peer entity's location. The
address assigned the socket is the address associated with the network interface through which packets are being transmitted and received.
Normally, this address corresponds to the peer entity's network.
TCP supports one socket option that is set with and tested with Under most circumstances, TCP sends data when it is presented; when out-
standing data has not yet been acknowledged, it gathers small amounts of output to be sent in a single packet, once an acknowledgement is
received. For a small number of clients, such as window systems that send a stream of mouse events that receive no replies, this packeti-
zation may cause significant delays. Therefore, TCP provides a Boolean option, TCP_NODELAY (from to defeat this algorithm. The option
level for the call is the protocol number for TCP, available from
Diagnostics
A socket operation may fail with one of the following errors returned:
[EISCONN] Try to establish a connection on a socket which already has one.
[ENOBUFS] The system runs out of memory for an internal data structure.
[ETIMEDOUT] A connection was dropped due to excessive retransmissions.
[ECONNRESET] The remote peer forces the connection to be closed.
[ECONNREFUSED] The remote peer actively refuses connection establishment (usually because no process is listening to the port).
[EADDRINUSE] An attempt is made to create a socket with a port that has already been allocated.
[EADDRNOTAVAIL] An attempt is made to create a socket with a network address for which no network interface exists.
See Also
getsockopt(2), socket(2), inet(4f), intro(4n), ip(4p)
tcp(4p)