Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
using netstat -tln | wc -l I see over 9,000 listening ports on one of my DB servers.
On another DB server the same command shows 4500 listening ports. Both DB servers are running Oracle.
Why so many listening ports and why the huge difference in two servers both serving the same function. Any ideas? TIA!!!!
Thanks for the reply. I had ice issues yesterday and lost the internet.
Indeed we know we do not need all those ports. I've built 6 servers all from a kickstart network install. Exactly the same. Yet one of the servers only had 39 open ports while the others have 4k or 3 of them have 9k. All doing the same function running an oracle DB.
Thanks for your suggestion, Running with the -p shows a - (dash) in the pid field 99% of the time. A few pid's show up but for the most part it is blank. Is this a clue that something is not closing the port after the process has died?
I am running it as root. Suspicion is that these are zombie processes that are not being killed off properly. We've found some CLOSE_WAIT processes still listening waiting for the ack that whatever was being closed indeed closed. But that is only a small percentage and I've added a variable to sys.config that should fix that issue.
I think we have a memory overflow or something going on but I can't figure out what the heck it is.
How many listener processes do you see if you do a:
netstat -tlnp | wc -l
On most servers I see 27 or 35. But I'm seeing 9000+ on some servers.
Any ideas why?
On my computer, ubuntu 8.10, 22 ports
You can run "tcpdump -i eth0 -nl" to see which which computer requested those ports to be opened or run...
while sleep 1; netstat -tlnp >>/tmp/listen.log; done
To get a continuous dump of the netstat. Take a look at the ports that are still opened at the end and search for them in the listen log to see which app had opened it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.