Hello guys
I am experiencing a very strange behavior on one of our AIX servers. We have an application with several processes that listen on several port numbers. Sometimes we receive complains that people cannot connect to the server on a specific port that is used by one the application processes. When we check for the process status we can see that the process is up and running and everything is ok. But when we run
Code:
netstat -an | grep 1234
where 1234 is (for example) the port number, we don't find the port in the list of the listening ports.
The obvious solution is to kill and restart the process. Well this doesn't always solve the problem as sometimes it stays that way even after restarting it and stays for a few minutes before listening.
Now the question is: what could possibly cause an application in AIX to be running but not listening on the port where it should be listening?
Does the existence of too many concurrent connections to the same port cause this behavior?
Thanks a lot in advance and I appreciate any help from your side.
Sounds more like a bug in the application rather than an OS thing. Have you tried checking with the application support team? Does the application log any error about shutting down ports?
I have seen Java applications delay in opening ports. But, shutting down a listening port is different, may be due to some restriction in the application's config, etc. In your situation, I would seek help from the apps team.
Sure i will check with the application's support team. I just want to rule out any possibility that this behavior is related to OS.
What about the number of concurrent connections? is it possible that initiating too many of these can cause the port to close ??
Does your system use the inbuilt firewall? You may want to check the max. connection settings for that port using the tcptr utility. For details, take a look at here: IBM AIX TCP Traffic Regulation
What about the number of concurrent connections? is it possible that initiating too many of these can cause the port to close ??
Such a thing is impossible by design of the IP-stack. Let me elaborate:
First, what is a port: a port is an address on layer 4 of the network stack - just like the IP-address is an address on layer 3 (and the MAC address on layer 2). Other than the IP address it identifies a service rather than a host. There are 2 bytes identifying the port and therefore there are 65535 possible ports. Think of it like appartments to a house: the IP address identifies the house itself, the port number identifies the appartment. if you ring at different doors, different people will open, even if you are still in the same house. Some might not open at all, because the apartment is empty.
Communication now works in this way: behind any port(-number) a daemon can listen and offer some service - or not. If a daemon indeed listens it will pick up what comes its way and somehow react - by answering, by doing something, establishing a connection, whatever. Some ports, especially the ones up to # 1023, are for offering standard services: telnet, ftp, http, ssh, lpd, .... and so on. These are called "well known services" and only root can start a process using these ports. Usually a symbolic name is defined for these ports - see "/etc/services" - but this is not necessary.
You can even try this with a printer: if you have a network printer it sure runs a "lpd" daemon. This listens at port 515 per default. Using your telnet client (it allows to configure the port used) try:
Code:
telnet printer.yournetwork.com 515
Of course you will not get any telnet connection - the lpd speaks lpd and not telnet - but you will probably get some banner, identifying the printer. Something like "HP JetDirect Line Printer daemon v1.23 .....", maybe listing some EPROM software revision or so before it closes the connection.
If no daemon is listening, there is simply no answer. If you attempt to initiate a communication with a remote port where no daemon listens you get a "connection refused" answer usually, but this comes from your system, not the remote one - the remote one is simply not saying anything at all.
You see, there is no "closed" ports because ports can neither be closed nor opened. They are just listened at - or not. The daemon listening itself can of course terminate a certain connection and send your system the message "connection closed" - but this does not "close" any port, it just terminates the status that to a certain port someone is listening - if using some specific port was part of the session setup. Some daemons are contacted at a common port, then set up connections at different ports (above 1024) and listen again at the common port for new sessions.
Such a thing is impossible by design of the IP-stack. Let me elaborate:
First, what is a port: a port is an address on layer 4 of the network stack - just like the IP-address is an address on layer 3 (and the MAC address on layer 2). Other than the IP address it identifies a service rather than a host. There are 2 bytes identifying the port and therefore there are 65535 possible ports. Think of it like appartments to a house: the IP address identifies the house itself, the port number identifies the appartment. if you ring at different doors, different people will open, even if you are still in the same house. Some might not open at all, because the apartment is empty.
Communication now works in this way: behind any port(-number) a daemon can listen and offer some service - or not. If a daemon indeed listens it will pick up what comes its way and somehow react - by answering, by doing something, establishing a connection, whatever. Some ports, especially the ones up to # 1023, are for offering standard services: telnet, ftp, http, ssh, lpd, .... and so on. These are called "well known services" and only root can start a process using these ports. Usually a symbolic name is defined for these ports - see "/etc/services" - but this is not necessary.
You can even try this with a printer: if you have a network printer it sure runs a "lpd" daemon. This listens at port 515 per default. Using your telnet client (it allows to configure the port used) try:
Code:
telnet printer.yournetwork.com 515
Of course you will not get any telnet connection - the lpd speaks lpd and not telnet - but you will probably get some banner, identifying the printer. Something like "HP JetDirect Line Printer daemon v1.23 .....", maybe listing some EPROM software revision or so before it closes the connection.
If no daemon is listening, there is simply no answer. If you attempt to initiate a communication with a remote port where no daemon listens you get a "connection refused" answer usually, but this comes from your system, not the remote one - the remote one is simply not saying anything at all.
You see, there is no "closed" ports because ports can neither be closed nor opened. They are just listened at - or not. The daemon listening itself can of course terminate a certain connection and send your system the message "connection closed" - but this does not "close" any port, it just terminates the status that to a certain port someone is listening - if using some specific port was part of the session setup. Some daemons are contacted at a common port, then set up connections at different ports (above 1024) and listen again at the common port for new sessions.
I hope this helps.
bakunin
Thanks kindly for your time and effort and i really appreciate your elaboration,
Team,
I have multiple batchjobs running in VM, if I do ps -ef |grep java or tomcat I am getting multiple process list.
How do I get my exact tomcat process running and that is unique? via shell script? (4 Replies)
Hi Experts,
I am facing one problem here which is one process always stuck in running state which causes the other similar process to sleep state . This causes my system in hanged state.
On doing cat /proc/<pid>wchan showing the "__init_begin" in the output.
Can you please help me here... (6 Replies)
Hi Experts,
I am facing one problem here which is one process always stuck in running state which causes the other similar process to sleep state . This causes my system in hanged state.
On doing cat /proc/<pid>wchan showing the "__init_begin" in the output.
Can you please help me here... (1 Reply)
Hi Experts,
I am facing one problem here which is one process always stuck in running state which causes the other similar process to sleep state . This causes my system in hanged state.
On doing cat /proc/<pid>wchan showing the "__init_begin" in the output.
Can you please help me here... (0 Replies)
I have process1 running on one machine and generating some log file. Now another process which can be launched on any machine wants to know if process1 is running or not and also in case it is running it wants to stream the logs file generated by process1 on terminal from which process2 is... (2 Replies)
I have been having some trouble trying to get some code working, so I was wondering...what system calls are required to execute a different program from an already running process? (1 Reply)
How can I have ports that are listening without processes being associated with them?
root@ldv002 # netstat -ltnup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0... (2 Replies)
Hello all,
I would be happy if any one could help me with a shell script that would determine all the processes running on a Unix server and post a mail if any of the process is not running or aborted.
Thanks in advance
Regards,
pradeep kulkarni.
:mad: (13 Replies)
Hi Everybody,
I want to create a shell script named as say "jip" and it is runned.
And i want that when i do ps + grep for the process than this jip should be shown as process.
Infact there might be process with name jip which is already running. (3 Replies)
09-22-2012
