HP-UX TCP/IP Performance White Paper, March 2008

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software

6.1.1 Monitoring TCP connections with netstat –an

Each socket results in a network connection. Use netstat -an command to determine the state of your

existing network connections. The following example shows the contents of the protocol control block table

and the number of TCP connections currently in each state:

# netstat -an | grep tcp | awk '//{print $6}' | sort | uniq -c

1 CLOSE_WAIT

728 ESTABLISHED

23 FIN_WAIT_1

12 FIN_WAIT_2

51 LISTEN

11 SYN_RCVD

9163 TIME_WAIT

For Web servers, where the server initiates the closing of a connection, it is normal for the majority of

connections to be in a TIME_WAIT state. Each TCP connection not in TIME_WAIT state requires

approximately 12K bytes of memory in HP-UX, including memory for sockets, STREAMS, and protocol data

structures. Connections in TIME_WAIT state require only a minimal amount of state to be maintained. Note

that in this example, there are almost 10,000 TCP connections being used, less than 1000 of which are not

in TIME_WAIT state, requiring less than 12 MB of memory.

6.1.2 Monitoring protocol statistics with netstat -p

netstat –p protocol is a subset of the netstat –s output. Use the netstat –p tcp command

to check for retransmissions, connect request dropped, out-of-order packets, and bad checksums for the TCP

protocol. Use the netstat –p udp command to look for bad checksums and socket overflows for the

UDP protocol. You can use the output of these commands to identify network performance problems by

comparing the values in some fields to the total number of packets sent or received.

A large number of entries in the connect requests dropped due to full queue field may

indicate that the listen queue is too small or clients have canceled requests. Section 4.2.4 describes how to

increase the size of the listen queue. Other important fields to examine include the completely

duplicate packets, out-of-order packets, and discarded fields. For example:

# netstat -p tcp

tcp:

122850444 packets sent

55697656 data packets (2041533911 bytes)

56238 data packets (46227636 bytes) retransmitted

68319667 ack-only packets (4200 delayed)

0 URG only packets

0 window probe packets

1166089 window update packets

639 control packets

283493903 packets received

4986072 acks (for 2039278403 bytes)

1172 duplicate acks

0 acks for unsent data

278496894 packets (1635765768 bytes) received in-sequence

0 completely duplicate packets (0 bytes)

0 packets with some dup, data (0 bytes duped)

8705 out of order packets (12431596 bytes)

0 packets (0 bytes) of data after window

787 window probes

152 window update packets

0 packets received after close

0 segments discarded for bad checksum

0 bad TCP segments dropped due to state change

41 connection requests

357 connection accepts

398 connections established (including accepts)

241 connections closed (including 0 drops)