Monday, November 12, 2012

How To Use NETSTAT To Find Interrupted Connections

This note is taking ldap connection for example. We use can the same method  for other type of connections
 Below example is to show ldap connections are interrupted by firewall. Application side has no idea what happen ,thus spinning on ldap search.


 apps%  netstat -ap | grep ldap|  grep 24512
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
tcp        0      0 test.us.test.com:24512 bigip-testldap-stage.us.:ldap ESTABLISHED 27714/java

And I worked with LDAP engineer to get the corresponding netstat output on the ldap server:

ldap$ netstat -ap | grep 24512
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
tcp        0      0 ldap.us.test.com:ldap  test.us.test.com:24512 ESTABLISHED 1442/oidldapd

So the connection was established on both sides and thus login to WebLogic Admin had no issue.

After around 30mins. Did the same netstat test and only apps server had showed an output while the connection on the ldap server was already gone/closed.

apps%  netstat -ap | grep ldap|  grep 24512
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
tcp        0      0 test.us.test.com::24512 bigip-testldap-stage.us.:ldap ESTABLISHED 27714/java

ldap$ netstat -ap | grep 24512
    (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)

...nothing

So the connections are interrupted by firewall.
In this case, I got the spinning (Ldap stuck) issue trying to logon to the WebLogic Admin console.
The solution is simple. Add a regular test to make connections alive.




No comments: