Socket time keepalive is off
Open, Requires assessmentPublicBUG
Actions

Assigned To

None

Authored By

	yakovlev.alexey.n
	May 15 2020, 11:19

Description

PPTP session is closed, interfaces is deleted, but the ports is open:

[root@sk5-301-vpn3 sysconfig]# netstat -not
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       Timer
tcp        0      0 212.193.87.60:80        178.154.144.16:43334    SYN_RECV    on (17.74/5/0)
tcp        0      0 212.193.87.60:80        95.108.155.16:41802     SYN_RECV    on (9.94/4/0)
tcp        0      0 212.193.87.60:80        77.88.4.11:35326        SYN_RECV    on (7.94/3/0)
tcp        0      0 212.193.87.60:1723      5.166.36.60:58123       ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.24.0.163:50719       ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.25.136:51052      ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.32.123.139:48333     ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.25.136:49797      ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.1.132:62966       ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.25.136:52622      ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.2.130:47321       ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      217.114.236.137:31200   ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      90.151.99.156:59882     ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.1.12:58599        ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.3.18:49678        ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.3.130:47758       ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.25.136:52556      ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.24.1.6:41916         ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      217.174.160.75:49685    ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.48.8.150:62533       ESTABLISHED off (0.00/0/0)
tcp        0    304 10.32.240.28:22         10.96.192.49:51110      ESTABLISHED on (0.07/0/0)
tcp        0      0 212.193.87.60:1723      217.114.225.94:22722    ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.2.18:58653        ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      94.190.119.33:49918     ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.2.18:62409        ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      217.114.236.92:9608     ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.24.0.70:63027        ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.9.204:55466       ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      31.162.93.87:49934      ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.33.2:57931        ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      212.75.135.236:55186    ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.1.135:37782       ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      94.190.119.33:49596     ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.15.4:26311        ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.32.123.2:1027        ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      85.140.12.147:32085     ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.25.136:49796      ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.48.8.34:62330        ESTABLISHED off (0.00/0/0)
tcp        0      0 10.32.240.28:1723       10.64.0.143:37120       ESTABLISHED off (0.00/0/0)
tcp        0      0 212.193.87.60:1723      128.75.59.226:50588     ESTABLISHED off (0.00/0/0)

Thus 36 connections are visible. There are actually 11 interfaces:
[root@sk5-301-vpn3 sysconfig]# ifconfig | grep pptp | wc -l
11
It confirms conntrack:

[root@sk5-301-vpn3 sysconfig]# conntrack -L -p tcp --dport 1723
tcp      6 431983 ESTABLISHED src=10.64.2.130 dst=10.32.240.28 sport=47321 dport=1723 src=10.32.240.28 dst=10.64.2.130 sport=1723 dport=47321 [ASSURED] mark=0 use=1
tcp      6 431977 ESTABLISHED src=10.32.123.2 dst=10.32.240.28 sport=1027 dport=1723 src=10.32.240.28 dst=10.32.123.2 sport=1723 dport=1027 [ASSURED] mark=0 use=1
tcp      6 431981 ESTABLISHED src=10.64.3.130 dst=10.32.240.28 sport=47758 dport=1723 src=10.32.240.28 dst=10.64.3.130 sport=1723 dport=47758 [ASSURED] mark=0 use=1
tcp      6 431972 ESTABLISHED src=10.24.0.163 dst=10.32.240.28 sport=50719 dport=1723 src=10.32.240.28 dst=10.24.0.163 sport=1723 dport=50719 [ASSURED] mark=0 use=1
tcp      6 431975 ESTABLISHED src=10.64.1.135 dst=10.32.240.28 sport=37782 dport=1723 src=10.32.240.28 dst=10.64.1.135 sport=1723 dport=37782 [ASSURED] mark=0 use=1
tcp      6 431994 ESTABLISHED src=10.64.0.143 dst=10.32.240.28 sport=37120 dport=1723 src=10.32.240.28 dst=10.64.0.143 sport=1723 dport=37120 [ASSURED] mark=0 use=1
tcp      6 431994 ESTABLISHED src=10.32.123.139 dst=10.32.240.28 sport=48333 dport=1723 src=10.32.240.28 dst=10.32.123.139 sport=1723 dport=48333 [ASSURED] mark=0 use=1
tcp      6 431997 ESTABLISHED src=10.48.8.150 dst=10.32.240.28 sport=62533 dport=1723 src=10.32.240.28 dst=10.48.8.150 sport=1723 dport=62533 [ASSURED] mark=0 use=1
tcp      6 431979 ESTABLISHED src=10.24.1.6 dst=10.32.240.28 sport=41916 dport=1723 src=10.32.240.28 dst=10.24.1.6 sport=1723 dport=41916 [ASSURED] mark=0 use=1
tcp      6 431971 ESTABLISHED src=10.64.33.2 dst=10.32.240.28 sport=57931 dport=1723 src=10.32.240.28 dst=10.64.33.2 sport=1723 dport=57931 [ASSURED] mark=0 use=1
tcp      6 82390 ESTABLISHED src=217.114.236.92 dst=212.193.87.60 sport=9608 dport=1723 src=212.193.87.60 dst=217.114.236.92 sport=1723 dport=9608 [ASSURED] mark=0 use=1
tcp      6 431997 ESTABLISHED src=10.48.8.34 dst=10.32.240.28 sport=62330 dport=1723 src=10.32.240.28 dst=10.48.8.34 sport=1723 dport=62330 [ASSURED] mark=0 use=1
conntrack v1.4.4 (conntrack-tools): 12 flow entries have been shown.

Accel-ppp send data to ISE about 11 sessions.

{F291}

Details

Protocol: General
Version: accel-ppp-1.12.0_69_gf319029-1.x86_64

Event Timeline

yakovlev.alexey.n created this task.May 15 2020, 11:19

yakovlev.alexey.n updated the task description. (Show Details)

Ситуация повторилась.
По lsof -np {PID} вижу открытых коннектов больше, чем интерфейсов. После рестарта сервиса все коннекты закрываются, висящие в том числе.
Uptime два месяца, расхождение по числу коннектов стало заметно после снижения нагрузки.

Hi @yakovlev.alexey.n , how it possible to reproduce on the our LAB? Can you describe this moment if you know?

Socket time keepalive is offOpen, Requires assessmentPublicBUGActions

Description

Details

Event Timeline

Socket time keepalive is off
Open, Requires assessmentPublicBUG
Actions