LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > AIX
User Name
Password
AIX This forum is for the discussion of IBM AIX.
eserver and other IBM related questions are also on topic.

Notices

Reply
 
LinkBack Search this Thread
Old 10-20-2007, 11:55 AM   #1
Yordan
Member
 
Registered: Nov 2004
Posts: 52

Rep: Reputation: 15
socket: All ports in use


On my AIX box, when I try to "rlogin remotehost" I receive
" socket: All ports in use "
I guess it's a problem with the number of allowed outoing ports.
Where can I increase this number of ports ?
There is no "/etc/xinetd.conf" file in AIX, where are these things set up?
I need to perform 1000 simultaneouis rlogin's, and currently I cannot go above 509.
 
Old 10-21-2007, 01:35 AM   #2
paulsm4
Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
Hi -

Maybe you're running out of ephemeral ports.

The OS only has a limited range of TCP/IP port numbers it can assign to new connections, and TCP/IP requires a "TIME_WAIT" period before it can recycle an old socket number for a new connection.

You can use the AIX "no" command to try different values of tcp_ephemeral_low, tcp_ephemeral_high, and tcp_timewait.

On other versions of Unix (but not AIX), I would also check kernel parameters like "MAXFD" (maximum #/open file descriptors).

IMHO .. PSM
 
Old 10-21-2007, 04:01 PM   #3
Yordan
Member
 
Registered: Nov 2004
Posts: 52

Original Poster
Rep: Reputation: 15
Node1 />no -a |grep ephem
tcp_ephemeral_high = 65535
tcp_ephemeral_low = 32768
udp_ephemeral_high = 65535
udp_ephemeral_low = 32768
Node1 />
tcp_ephemeral_high = 65535 looks rather high. Do you mean that 500 rlogin connections use 65000 ports ?
 
Old 10-21-2007, 10:34 PM   #4
paulsm4
Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
No, that doesn't mean that 500 rlogin connections use 65000 ports.

Yes, that *does* mean that those 500 rlogin connections might well be exhausting one or another limited system resource (like, for example, free ephemeral port descriptors).

Your homework assignment is to do some more research to figure out what resource might be the culprit.

Here's one link that may (or may not) be related to your specific problem:

http://linux.about.com/library/cmd/b..._rresvport.htm
<= The problem might have to do with the function "rresvport"; used by "rcmd", which is in turn closely related to "rlogin"

"netstat -a|wc -l", "netstat -a|less", "lsof" and (of course!) "errpt -a|less" are some of the commands that might be useful to you to get more information about the problem.

You can get lsof binaries for AIX here:
http://www.mirrors.wiretapped.net/se.../binaries/aix/

Good luck!

PS:
And by all means, look at your time_wait settings, too!

Last edited by paulsm4; 10-21-2007 at 10:38 PM.
 
Old 04-03-2008, 05:52 AM   #5
royolsen
LQ Newbie
 
Registered: Apr 2008
Location: Norway
Distribution: Red Hat Enterprise Linux
Posts: 6

Rep: Reputation: 0
The reason for this behaviour is quite simple.

rsh/rlogin will only use trusted/privileged ports for outgoing communication, by that meaning ports with a number below 1024. In a typical configuration ports 513-1023 will be used, but other ranges may apply for your environment.

There is simply no way to sustain 1000 rsh connections from a single host without using unprivileged ports, which again would leave you wide open to a number of attacks.

The solution is to use pdsh or ssh, or both.

ssh does not require privileged ports to stay secure and is not affected by such limitations. You may however meet limitations on other system resources when running a large number of parallel sessions.

pdsh uses a sliding window to limit the number of parallell threads while running commands on a large number of remote hosts.

Additionally, pdsh can be configured to use ssh, allowing for a more secure approach to managing your clusters.
 
  


Reply

Tags
rsh, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
"rcmd socket : All ports in use" Error alchimiste Linux - General 1 10-26-2006 10:33 AM
fseek on a socket descriptor to discard socket buffer? Thinking Programming 1 12-06-2005 09:15 PM
cannot read data at server socket, though client socket sends it jacques83 Linux - Networking 0 11-15-2005 01:58 PM
Unable to connect to UNIX socket /tmp/.esd/socket error while using grip dr_zayus69 Linux - Software 4 08-23-2005 07:28 PM
"rcmd socket : All ports in use" Error alchimiste Linux - Networking 0 02-18-2003 04:57 AM


All times are GMT -5. The time now is 11:30 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration