Hello, I'm trying to understand where the /proc/user_beancounters numtcpsock counter comes from. I have one container that is giving me strange numbers that I cannot account for.
The following command shows the count of TIME_WAIT connections by netstat, the value of /proc/net/sockstat which shows how many time-wait connections it thinks the system has, the value of the numtcpsock counter, and the results of ss -s, which is another way of getting a connection summary. I would think the numbers should add up.
From my container
So netstat shows there being 6 connections in time_wait status, and sockstat and sockstat6 shows the number of tcp connections, there are very few udp connections.
numtcpsock shows 2139, where is that coming from?
Where are the 2020 timewait connections at? Why didn't they show up with a netstat -na | grep TIME_WAIT?
When I look on my proxmox host, I do see about the right number of TIME_WAIT connections for all the VM's. So it is almost like the numtcpsock is counting all timewait connections for the system as a whole along with active connections for that system.
When I run the same thing on a different openvz container, it doesn't look like the numtcpsock includes the timewait connections, but the numtcpsock still doesn't match the number of connections listed.
Does anyone know what exactly numtcpsock is counting and how I can get that same number using tools from within the container.
Thanks
Josh
The following command shows the count of TIME_WAIT connections by netstat, the value of /proc/net/sockstat which shows how many time-wait connections it thinks the system has, the value of the numtcpsock counter, and the results of ss -s, which is another way of getting a connection summary. I would think the numbers should add up.
From my container
Code:
# cd /proc/net && netstat -na |grep TIME_WAIT | wc && cat sockstat && cat sockstat6 && grep numtcpsock /proc/user_beancounters && ss -s
6 36 480
sockets: used 12014
TCP: inuse 251 orphan 0 tw 2020 alloc 5499 mem 2858
UDP: inuse 9 mem 14
UDPLITE: inuse 0
RAW: inuse 0
FRAG: inuse 0 memory 0
TCP6: inuse 183
UDP6: inuse 4
UDPLITE6: inuse 0
RAW6: inuse 0
FRAG6: inuse 0 memory 0
numtcpsock 2139 2145 9048 9048 0
Total: 12014 (kernel 0)
TCP: 7519 (estab 392, closed 7085, orphaned 0, synrecv 0, timewait 2020/0), ports 0
Transport Total IP IPv6
* 0 - -
RAW 0 0 0
UDP 13 9 4
TCP 434 251 183
INET 447 260 187
FRAG 0 0 0So netstat shows there being 6 connections in time_wait status, and sockstat and sockstat6 shows the number of tcp connections, there are very few udp connections.
numtcpsock shows 2139, where is that coming from?
Where are the 2020 timewait connections at? Why didn't they show up with a netstat -na | grep TIME_WAIT?
When I look on my proxmox host, I do see about the right number of TIME_WAIT connections for all the VM's. So it is almost like the numtcpsock is counting all timewait connections for the system as a whole along with active connections for that system.
When I run the same thing on a different openvz container, it doesn't look like the numtcpsock includes the timewait connections, but the numtcpsock still doesn't match the number of connections listed.
Code:
/# cd /proc/net && netstat -na |grep TIME_WAIT | wc && cat sockstat && cat sockstat6 && grep numtcpsock /proc/user_beancounters && ss -s
156 936 12480
sockets: used 11160
TCP: inuse 239 orphan 0 tw 1610 alloc 4926 mem 3608
UDP: inuse 9 mem 14
UDPLITE: inuse 0
RAW: inuse 0
FRAG: inuse 0 memory 0
TCP6: inuse 188
UDP6: inuse 4
UDPLITE6: inuse 0
RAW6: inuse 0
FRAG6: inuse 0 memory 0
numtcpsock 862 1888 3048 3048 0
Total: 11160 (kernel 0)
TCP: 6536 (estab 403, closed 6109, orphaned 0, synrecv 0, timewait 1610/0), ports 0
Transport Total IP IPv6
* 0 - -
RAW 0 0 0
UDP 13 9 4
TCP 427 239 188
INET 440 248 192
FRAG 0 0 0Does anyone know what exactly numtcpsock is counting and how I can get that same number using tools from within the container.
Thanks
Josh