0503linux核心網路引數測試tcp_keepalive

[20170503]linux核心網路引數測試tcp_keepalive.txt

# echo /proc/sys/net/ipv4/tcp_keepalive* | xargs   -n 1  strings -1 -f
/proc/sys/net/ipv4/tcp_keepalive_intvl: 75
/proc/sys/net/ipv4/tcp_keepalive_probes: 9
/proc/sys/net/ipv4/tcp_keepalive_time: 7200

引數解析:
/proc/sys/net/ipv4/tcp_keepalive_time    當keepalive起用的時候，TCP傳送keepalive訊息的頻度。預設是2小時。
/proc/sys/net/ipv4/tcp_keepalive_intvl   當探測沒有確認時，keepalive探測包的傳送間隔。預設是75秒。
/proc/sys/net/ipv4/tcp_keepalive_probes  如果對方不予應答，keepalive探測包的傳送次數。預設值是9。

1.測試說明:
client_ip=192.168.101.6
servier_ip=192.168.31.8

2.測試:
--//首先在在服務端執行如下:
# tcpdump -i eth0  host 192.168.101.6 and not port 22 and port 1521 -nnn

--//(注最好在tmux下執行,這樣即使斷開網路,程式也一直在後臺執行),如果沒有tmux,可以使用screen,或者使用nohup 命令,把結果輸出到
--//文字檔案中.然後拔掉client端的網線(有點粗暴,等下午觀察)
--//測試很簡單啟動sqlplus連線伺服器192.168.31.8(client ip=192.168.101.6)

# tcpdump -i eth0  host 192.168.101.6 and not port 22 and port 1521 -nnn
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
11:45:35.556171 IP 192.168.101.6.61511 > 192.168.31.8.1521: P 266196060:266196323(263) ack 266559111 win 16087
11:45:35.556545 IP 192.168.31.8.1521 > 192.168.101.6.61511: P 1:269(268) ack 263 win 277
11:45:35.557302 IP 192.168.101.6.61511 > 192.168.31.8.1521: P 263:284(21) ack 269 win 16425
11:45:35.557389 IP 192.168.31.8.1521 > 192.168.101.6.61511: P 269:371(102) ack 284 win 277
11:45:35.756763 IP 192.168.101.6.61511 > 192.168.31.8.1521: . ack 371 win 16399
--//client_ip=192.168.101.6 servier_ip=192.168.31.8
13:45:35.622771 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 對比前面的時間正好2個小時.
13:46:50.622714 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:48:05.622669 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:49:20.622606 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:50:35.622581 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:51:50.622536 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:53:05.624812 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:54:20.629661 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:55:35.630374 IP 192.168.31.8.1521 > 192.168.101.6.61511: . ack 284 win 277    <== 間隔75秒
13:56:50.634701 IP 192.168.31.8.1521 > 192.168.101.6.61511: R 371:371(0) ack 284 win 277  <== 間隔75秒

--//後面間隔75秒,次數正好9次,充分驗證前面引數tcp_keepalive*的設定.忘記觀察是否這是連線已經斷開了.

--//也可以修改/etc/sysctl.conf引數檔案:
net.ipv4.tcp_keepalive_time = 200
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 4

--//執行sysctl -p 生效.這是我在另外機器的測試:(注這次沒有斷開網路).

# tcpdump -i eth2  host 192.168.101.6 and not port 22 -nnn
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
15:56:54.895543 IP 192.168.101.6.54835 > 192.168.90.16.1521: Flags [P.], seq 915087626:915087889, ack 2674786075, win 16087, length 263
15:56:54.901859 IP 192.168.90.16.1521 > 192.168.101.6.54835: Flags [P.], seq 1:1275, ack 263, win 345, length 1274
15:56:54.903137 IP 192.168.101.6.54835 > 192.168.90.16.1521: Flags [P.], seq 263:284, ack 1275, win 16425, length 21
15:56:54.903262 IP 192.168.90.16.1521 > 192.168.101.6.54835: Flags [P.], seq 1275:1377, ack 284, win 345, length 102
15:56:55.094738 IP 192.168.101.6.54835 > 192.168.90.16.1521: Flags [.], ack 1377, win 16399, length 0

16:00:15.094297 IP 192.168.90.16.1521 > 192.168.101.6.54835: Flags [.], ack 284, win 345, length 0
16:00:15.100102 IP 192.168.101.6.54835 > 192.168.90.16.1521: Flags [.], ack 1377, win 16399, length 0
16:03:35.100284 IP 192.168.90.16.1521 > 192.168.101.6.54835: Flags [.], ack 284, win 345, length 0
16:03:35.101480 IP 192.168.101.6.54835 > 192.168.90.16.1521: Flags [.], ack 1377, win 16399, length 0

--//3*60+20=200

16:06:55.101658 IP 192.168.90.16.1521 > 192.168.101.6.54835: Flags [.], ack 284, win 345, length 0
16:06:55.102206 IP 192.168.101.6.54835 > 192.168.90.16.1521: Flags [.], ack 1377, win 16399, length 0

--!!以後都是200秒.從伺服器發起連線監測時候網路正常.
--//當然也可以修改sqlnet.ora檔案,加入sqlnet.expire_time=1,明天繼續測試2種混合在一起的情況.

3.測試2者混合在一起的情況:
client_ip=192.168.101.6
servier_ip=192.168.31.8

--//也可以修改/etc/sysctl.conf引數檔案:
net.ipv4.tcp_keepalive_time = 200
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 4

# echo /proc/sys/net/ipv4/tcp_keepalive* | xargs   -n 1  strings -1 -f
/proc/sys/net/ipv4/tcp_keepalive_intvl: 10
/proc/sys/net/ipv4/tcp_keepalive_probes: 4
/proc/sys/net/ipv4/tcp_keepalive_time: 200

$ cat sqlnet.ora
DIAG_ADR_ENABLED = OFF
sqlnet.expire_time=1
SQLNET.INBOUND_CONNECT_TIMEOUT =0

--//重啟監聽略:
$ lsntctl stop;sleep 1 ; lsnrctl start

# tcpdump -i eth0  host 192.168.101.6 and not port 22 and port 1521 -nnn
09:03:25.054059 IP 192.168.31.8.1521 > 192.168.101.6.56298: P 5832:5849(17) ack 6956 win 254
09:03:25.054381 IP 192.168.101.6.56298 > 192.168.31.8.1521: P 6956:6969(13) ack 5849 win 16091
09:03:25.054463 IP 192.168.31.8.1521 > 192.168.101.6.56298: P 5849:5866(17) ack 6969 win 254
09:03:25.256361 IP 192.168.31.8.1521 > 192.168.101.6.56298: P 5849:5866(17) ack 6969 win 254
09:03:25.256685 IP 192.168.101.6.56298 > 192.168.31.8.1521: . ack 5866 win 16087 <nop,nop,sack 1 {5849:5866}>
..
09:05:25.034910 IP 192.168.31.8.1521 > 192.168.101.6.56298: P 5866:5876(10) ack 6969 win 254
09:05:25.228989 IP 192.168.101.6.56298 > 192.168.31.8.1521: . ack 5876 win 16085
09:06:25.047668 IP 192.168.31.8.1521 > 192.168.101.6.56298: P 5876:5886(10) ack 6969 win 254
09:06:25.250725 IP 192.168.101.6.56298 > 192.168.31.8.1521: . ack 5886 win 16082
09:07:25.059427 IP 192.168.31.8.1521 > 192.168.101.6.56298: P 5886:5896(10) ack 6969 win 254
09:07:25.260497 IP 192.168.101.6.56298 > 192.168.31.8.1521: . ack 5896 win 16080

--//可以發現起作用是sqlnet.expire_time=1,可能是設定sqlnet.expire_time=1時間太短.
--//注開始發起第1個包時間間隔是sqlnet.expire_time的2倍,也就是2分鐘.以後才是1分鐘間隔.
--//修改net.ipv4.tcp_keepalive_time = 20測試.

# echo /proc/sys/net/ipv4/tcp_keepalive* | xargs   -n 1  strings -1 -f
/proc/sys/net/ipv4/tcp_keepalive_intvl: 10
/proc/sys/net/ipv4/tcp_keepalive_probes: 4
/proc/sys/net/ipv4/tcp_keepalive_time: 20

--//sqlplus重新連線測試....
# tcpdump -i eth0  host 192.168.101.6 and not port 22 and port 1521 -nnn
09:11:33.105651 IP 192.168.31.8.1521 > 192.168.101.6.57471: P 5832:5849(17) ack 6955 win 277
09:11:33.106017 IP 192.168.101.6.57471 > 192.168.31.8.1521: P 6955:6968(13) ack 5849 win 16091
09:11:33.106101 IP 192.168.31.8.1521 > 192.168.101.6.57471: P 5849:5866(17) ack 6968 win 277
09:11:33.301576 IP 192.168.101.6.57471 > 192.168.31.8.1521: . ack 5866 win 16087
...
09:13:33.077109 IP 192.168.31.8.1521 > 192.168.101.6.57471: P 5866:5876(10) ack 6968 win 277
09:13:33.279214 IP 192.168.101.6.57471 > 192.168.31.8.1521: . ack 5876 win 16085
09:14:33.088855 IP 192.168.31.8.1521 > 192.168.101.6.57471: P 5876:5886(10) ack 6968 win 277
09:14:33.299118 IP 192.168.101.6.57471 > 192.168.31.8.1521: . ack 5886 win 16082
--//可以發現起作用是sqlnet.expire_time=1,linux核心引數不起作用.

4.還是取消sqlnet.expire_time=1看看.
--//注原來的會話一定要退出.不然設定sqlnet.expire_time=1依舊起作用.

# tcpdump -i eth0  host 192.168.101.6 and not port 22 and port 1521 -nnn
09:16:45.369765 IP 192.168.101.6.58289 > 192.168.31.8.1521: P 6955:6968(13) ack 5849 win 16091
09:16:45.369854 IP 192.168.31.8.1521 > 192.168.101.6.58289: P 5849:5866(17) ack 6968 win 254
09:16:45.565878 IP 192.168.101.6.58289 > 192.168.31.8.1521: . ack 5866 win 16087
..
09:17:05.566768 IP 192.168.31.8.1521 > 192.168.101.6.58289: . ack 6968 win 254
09:17:05.567087 IP 192.168.101.6.58289 > 192.168.31.8.1521: . ack 5866 win 16087
09:17:25.567023 IP 192.168.31.8.1521 > 192.168.101.6.58289: . ack 6968 win 254
09:17:25.567339 IP 192.168.101.6.58289 > 192.168.31.8.1521: . ack 5866 win 16087
09:17:45.567278 IP 192.168.31.8.1521 > 192.168.101.6.58289: . ack 6968 win 254
09:17:45.567595 IP 192.168.101.6.58289 > 192.168.31.8.1521: . ack 5866 win 16087
09:18:05.567537 IP 192.168.31.8.1521 > 192.168.101.6.58289: . ack 6968 win 254
09:18:05.567859 IP 192.168.101.6.58289 > 192.168.31.8.1521: . ack 5866 win 16087

--//間隔20秒監測1次.
--//從測試可以發現如果2個都設定,起作用的是sqlnet.expire_time,估計設定很大沒意義.(不會大於設定120分鐘吧).