Closed GoogleCodeExporter closed 8 years ago
[deleted comment]
when disconnet, the client has disconnet complete, and socket file descriptor
has release of client. But socket file descriptor has not release of turnserver.
Original comment by yusunxu...@gmail.com
on 18 Jul 2013 at 6:10
Sorry, I indeed have difficulty understanding what you mean. Do you mean that
the socket file descriptors are not released, sometimes ? I've never seen that
problem. I'll double-check it. What kind of test configuration are you running ?
Original comment by mom040...@gmail.com
on 18 Jul 2013 at 3:18
I'll try to play with my DOS tests to reproduce the problem.
Original comment by mom040...@gmail.com
on 18 Jul 2013 at 3:59
I managed to reproduce a rare minor sockets leak in an intensive DOS attack
test. I am working on it.
Original comment by mom040...@gmail.com
on 18 Jul 2013 at 7:24
Original comment by mom040...@gmail.com
on 18 Jul 2013 at 11:28
This will be fixed in 2.1.1.1
Original comment by mom040...@gmail.com
on 18 Jul 2013 at 11:30
Thank you for your help.
The attach file is my turnserver.conf, and the mysql DB config file is default
config file.
I use this command to add the database data:
turnadmin -a --mysql-userdb="host=localhost dbname=*** user=*** password=***
connect_timeout=30" -u test –r reTurn -p 1234
And all other operations is the default.
Sorry, my english is not good.
Original comment by yusunxu...@gmail.com
on 19 Jul 2013 at 1:27
Attachments:
Thanks.
I found a small sockets leak and I am fixing it.
Unfortunately, even if the TURN server does everything correctly then still it
is possible to reach the "too many open sockets" state. If you are quickly
opening new sessions, and especially if you set longer lifetime on the sessions
(like 1800 or 3600) then eventually there will be more sockets than you system
allow. UDP sessions do not have explicit "close" procedure - they are getting
closed on timeout, by default it is 10 minutes.
You can set user quotes to prevent single user from opening too many sessions.
Other than that, not much can be done. After the socket limit exhaustion, the
server stops accepting the new connections; but it is pretty much alive and it
will eventually recover when the unused sessions will be cleaned out. Then the
server will be available again.
You can also start the TURN server from the root account, then on some systems
it will have higher limit of sockets number.
Original comment by mom040...@gmail.com
on 19 Jul 2013 at 1:39
Yes, Sometimes,the socket file are not released. This occur at client connect
and disconnect fast speed. the not release socket file is create by
create_unbound_ioa_socket func. My client connect will produce 24 socket file
descriptor one time. Beauese one time has UAC and UAS client.
Original comment by yusunxu...@gmail.com
on 19 Jul 2013 at 1:41
As I said, the UDP sessions do not have "disconnect" procedure - they are
getting closed on timeout. You can make that cleanup quick if you set short
allocation session lifetime. So, if you are using default lifetime (600
seconds) and you are connection 100 sessions per second, then in 1 minutes you
will have 6000 sessions, and so on. The TURN server will start releasing
sessions only after 10 minutes, unless you explicitly use short LIFETIME
attribute in the session allocation. After 2 minutes you will see messages like
"too many open sockets" and between 2nd and 10th minutes the TURN server will
reject any new connection. After 10th minute, it will start accepting them
again.
Original comment by mom040...@gmail.com
on 19 Jul 2013 at 1:48
Thanks a lot!
I know what you mean. I has a question, When client connect to turnserver, it
will registered refresh_client_ss_allocation_timeout_hander event, but
sometimes the client_ss_allocation_timeout_handler callback has not run, so at
this time the unbount ioa socket will leak.This situation can improve by way of
what you said ?
Original comment by yusunxu...@gmail.com
on 19 Jul 2013 at 4:35
I say disconnect is close the client proecss. so at this time, the
client_ss_allocation_timeout event will run, but sometimes it has not run
Original comment by yusunxu...@gmail.com
on 19 Jul 2013 at 4:38
I changed the code, it will always run, with an interval. I changed the meaning
of that callback. It was a one-time callback, now it will be a "persistent"
event - a sort of garbage collector. You can take the latest code from SVN as a
preview.
Original comment by mom040...@gmail.com
on 19 Jul 2013 at 4:40
Thanks a lot!
I run the new version of TURN Server from SVN, Now, It run ok. It has not
produce the problem.I will do a pressure testing again .
Original comment by yusunxu...@gmail.com
on 19 Jul 2013 at 5:09
I put 2.1.1.1 tarball into the downloads.
Original comment by mom040...@gmail.com
on 19 Jul 2013 at 5:15
I produced a new build, 2.1.2.0, that is specially optimized for Linux. Its
main focus is DOS attacks defense in Linux environment.
Original comment by mom040...@gmail.com
on 20 Jul 2013 at 11:23
Original issue reported on code.google.com by
yusunxu...@gmail.com
on 18 Jul 2013 at 6:01