
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2008 06:05 AM
Hi,
We have created some scripts for making managing rservers on the ACE easier. We use plink(putty) for the communication with the ACE.
This works great, however after some time the script does not work anymore.
When i try to plink manually i get this error "Could not create socket pairs: Too many open files in system".
I still can connect with putty but not anymore with plink.
Only after a reboot of the ACE the plink commando can be used again.
Does anyone has this experience too ? I am curious if this is a plink or cisco bug but i don't know how and if file parameters can be changed on the ACE.
Regards,
Sebastian
Solved! Go to Solution.
- Labels:
-
Application Networking
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2008 09:14 AM
Sebastian,
I managed to reproduce the issue and found out this is a known ddts
CSCsl74755 - Socket/FD resource leak due to ssh sessions
The fix will be in A1(6.4)
Gilles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2008 06:54 AM
If plink can't connect but putty does, there must be a difference in what they do.
Can you sniff a connection of plink and one from putty.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2008 07:30 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2008 08:22 AM
could you do a 'show resource usage' before and after a failure.
Also, get a 'sho resource alloc'.
Thanks,
Gilles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2008 01:32 AM
Hi Gilles,
I've done a sh resource usage before and after a reload of the ACE module :
BEFORE RELOAD
Allocation
Resource Current Peak Min Max Denied
-----------------------------------------------------------------------------
Context: FRONTEND
conc-connections 8 226 800000 4800000 0
mgmt-connections 6 44 500 3000 0
proxy-connections 0 10 104858 629144 0
xlates 0 0 104858 629144 0
bandwidth 4435 22996934 50000000 300000000 0
connection rate 3 78 100000 600000 0
ssl-connections rate 0 0 100 600 0
mgmt-traffic rate 2048 76458 12500000 75000000 0
mac-miss rate 0 5 200 1200 0
inspect-conn rate 0 0 600 3600 0
acl-memory 39376 43584 7861044 47166260 0
regexp 0 0 104858 629146 0
syslog buffer 0 0 419430 2516583 0
syslog rate 0 12 300 1800 0
AFTER RELOAD
Allocation
Resource Current Peak Min Max Denied
-----------------------------------------------------------------------------
Context: FRONTEND
conc-connections 14 14 800000 4800000 0
mgmt-connections 6 24 500 3000 0
proxy-connections 0 4 104858 629144 0
xlates 0 0 104858 629144 0
bandwidth 17415 84564 50000000 300000000 0
connection rate 2 10 100000 600000 0
ssl-connections rate 0 0 100 600 0
mgmt-traffic rate 15647 63000 12500000 75000000 0
mac-miss rate 0 0 200 1200 0
inspect-conn rate 0 0 600 3600 0
acl-memory 39376 39440 7861044 47166260 0
regexp 0 0 104858 629146 0
syslog buffer 0 0 419430 2516583 0
syslog rate 0 6 300 1800 0
After a reload the problem disappears. Then after a while it returns.
Regards,
Sebastian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2008 03:55 AM
Can we get a
'show ssh max' and 'show ssh session' when the problem is there.
Also get a 'show ssh key'
Gilles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2008 05:19 AM
Hi Gilles,
As i have rebooted the ACE this day the problem has dissappeared again. When it returns i'll post the output of the commands here. That might be in a week or 2/3.
regards,
Sebastian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2008 09:14 AM
Sebastian,
I managed to reproduce the issue and found out this is a known ddts
CSCsl74755 - Socket/FD resource leak due to ssh sessions
The fix will be in A1(6.4)
Gilles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-06-2008 12:18 AM
Hi Gilles,
great you've been able to reproduce it and found the ddts.
I am curious about how you have been able to reproduce this issue as it takes some weeks here to have it appear again ?
Sebastian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-06-2008 02:13 AM
downloaded the plink code, added some functions so that it can repeat connections over and over.
I let it run for a few minutes and then the problem was there.
Gilles.
