02-04-2008 06:05 AM
Hi,
We have created some scripts for making managing rservers on the ACE easier. We use plink(putty) for the communication with the ACE.
This works great, however after some time the script does not work anymore.
When i try to plink manually i get this error "Could not create socket pairs: Too many open files in system".
I still can connect with putty but not anymore with plink.
Only after a reboot of the ACE the plink commando can be used again.
Does anyone has this experience too ? I am curious if this is a plink or cisco bug but i don't know how and if file parameters can be changed on the ACE.
Regards,
Sebastian
Solved! Go to Solution.
02-05-2008 09:14 AM
Sebastian,
I managed to reproduce the issue and found out this is a known ddts
CSCsl74755 - Socket/FD resource leak due to ssh sessions
The fix will be in A1(6.4)
Gilles.
02-04-2008 06:54 AM
If plink can't connect but putty does, there must be a difference in what they do.
Can you sniff a connection of plink and one from putty.
02-04-2008 07:30 AM
02-04-2008 08:22 AM
could you do a 'show resource usage' before and after a failure.
Also, get a 'sho resource alloc'.
Thanks,
Gilles.
02-05-2008 01:32 AM
Hi Gilles,
I've done a sh resource usage before and after a reload of the ACE module :
BEFORE RELOAD
Allocation
Resource Current Peak Min Max Denied
-----------------------------------------------------------------------------
Context: FRONTEND
conc-connections 8 226 800000 4800000 0
mgmt-connections 6 44 500 3000 0
proxy-connections 0 10 104858 629144 0
xlates 0 0 104858 629144 0
bandwidth 4435 22996934 50000000 300000000 0
connection rate 3 78 100000 600000 0
ssl-connections rate 0 0 100 600 0
mgmt-traffic rate 2048 76458 12500000 75000000 0
mac-miss rate 0 5 200 1200 0
inspect-conn rate 0 0 600 3600 0
acl-memory 39376 43584 7861044 47166260 0
regexp 0 0 104858 629146 0
syslog buffer 0 0 419430 2516583 0
syslog rate 0 12 300 1800 0
AFTER RELOAD
Allocation
Resource Current Peak Min Max Denied
-----------------------------------------------------------------------------
Context: FRONTEND
conc-connections 14 14 800000 4800000 0
mgmt-connections 6 24 500 3000 0
proxy-connections 0 4 104858 629144 0
xlates 0 0 104858 629144 0
bandwidth 17415 84564 50000000 300000000 0
connection rate 2 10 100000 600000 0
ssl-connections rate 0 0 100 600 0
mgmt-traffic rate 15647 63000 12500000 75000000 0
mac-miss rate 0 0 200 1200 0
inspect-conn rate 0 0 600 3600 0
acl-memory 39376 39440 7861044 47166260 0
regexp 0 0 104858 629146 0
syslog buffer 0 0 419430 2516583 0
syslog rate 0 6 300 1800 0
After a reload the problem disappears. Then after a while it returns.
Regards,
Sebastian
02-05-2008 03:55 AM
Can we get a
'show ssh max' and 'show ssh session' when the problem is there.
Also get a 'show ssh key'
Gilles.
02-05-2008 05:19 AM
Hi Gilles,
As i have rebooted the ACE this day the problem has dissappeared again. When it returns i'll post the output of the commands here. That might be in a week or 2/3.
regards,
Sebastian
02-05-2008 09:14 AM
Sebastian,
I managed to reproduce the issue and found out this is a known ddts
CSCsl74755 - Socket/FD resource leak due to ssh sessions
The fix will be in A1(6.4)
Gilles.
02-06-2008 12:18 AM
Hi Gilles,
great you've been able to reproduce it and found the ddts.
I am curious about how you have been able to reproduce this issue as it takes some weeks here to have it appear again ?
Sebastian
02-06-2008 02:13 AM
downloaded the plink code, added some functions so that it can repeat connections over and over.
I let it run for a few minutes and then the problem was there.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide