All Products
Search

This Product

    Alibaba Cloud Linux:What do I do if the return value of the Send-Q parameter is 0 after the ss command is run on an Alibaba Cloud Linux 2 ECS instance?

    Document Center

    Alibaba Cloud Linux:What do I do if the return value of the Send-Q parameter is 0 after the ss command is run on an Alibaba Cloud Linux 2 ECS instance?

    Last Updated:Dec 08, 2023

    This topic describes the cause of the following issue and how to resolve the issue: The return value of the Send-Q parameter is 0 after the ss command is run on an Elastic Compute Service (ECS) instance that runs Alibaba Cloud Linux 2.

    Problem description

    After you run the ss -lnt command on an ECS instance that meets the following conditions, the return value of the Send-Q parameter is 0.

    • Image: aliyun-2.1903-x64-20G-alibase-20190507.vhd or earlier

    • Kernel: kernel-4.19.43-13.al7.x86_64 or earlier

    A command output similar to the following one is displayed. 

    # ss -lnt
State       Recv-Q Send-Q                            Local Address:Port                                           Peer Address:Port
LISTEN      0      0                                             *:35107                                                     *:*
LISTEN      0      0                                             *:38727                                                     *:*
LISTEN      0      0                                             *:5355                                                      *:*
LISTEN      0      0                                             *:111                                                       *:*

    For the ss command, the return value of the Send-Q parameter indicates the maximum size of the syn backlog of a listening TCP socket. In Linux, the return value of the Send-Q parameter indicates the maximum queue size of all connections on a listening TCP socket. In this case, the return value of the Send-Q parameter cannot be 0. 

    Send-Q
       Established:  The  count  of bytes not acknowledged by the remote host.  
       Listening: Since Kernel 2.6.18 this column contains the maximum
       size of the syn backlog.

    Cause

    The tcp_diag module is not integrated into kernel version kernel-4.19.43-13.al7.x86_64 or earlier. After you run the ss command on an instance that uses the preceding kernel version, the /proc/net/tcp interface is used. The return value of the tx_queue parameter that indicates the transmit queue size of a listening TCP socket is 0. As a result, after you run the ss -lnt command, the return value of the Send-Q parameter is 0. We recommend that you do not use the /proc/net/tcp interface. For more information, see Overview of the /proc/net/tcp interface.

    The Send-Q parameter in the ss -lnt command output indicates the maximum queue size of all connections on a listening TCP socket. net-tools and iproute2a are Linux toolkits that are provided to allow users to manage network connections. Since 2001, net-tools is not maintained and is deprecated in favor of iproute2. The ss command provided by iproute2 serves the similar purposes as the netstat command provided by net-tools. The following section describes the differences between the methods for obtaining network information by using the ss command and the netstat command:

    • The netstat command uses the /proc/net/tcp interface to obtain statistics on TCP sockets.

    • By default, the ss command communicates with the tcp_diag kernel module by using the socket interface to obtain statistics on TCP sockets. If your kernel does not support the tcp_diag kernel module, the /proc/net/tcp interface is used.

    Solution

    Upgrade the kernel version of your instance to kernel-4.19.43-13.1.al7.x86_64 or later.