Run the following command in an ECS instance:
ss -lnt the value of the Send-Q field is 0.
aliyun-2.1903-x64-20G-alibase-20190507.vhdand earlier versions.
kernel-4.19.43-13.al7.x86_64or earlier versions.
A similar output is displayed.
# ss -lnt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 0 *:35107 *: LISTEN 0 0 *:38727 *: LISTEN 0 0 *:5355 *: LISTEN 0 0 *:111 *:*
For a TCP socket that is listening, the Send-Q field indicates the maximum syn backlog of the Socket. In Linux, this field outputs the maximum capacity of the fully connected queue for the listening socket, so its value should not be "0".
Send-Q Established: The count of bytes not acknowledged by the remote host. Listening: Since Kernel 2.6.18 this column contains the maximum size of the syn backlog.
Cause of problem
ss -lnt the Send-Q field of the command output indicates the maximum capacity of the listening TCP socket fully connected queue. There are net-tools and iproute2 tool kits for user-state network, of which net-tools has been out of maintenance since 2001 and was replaced by iproute2 kit. The ss command is part of the iproute2 suite, and the net-tools implementation function similar to the ss is netstat.
- netstat passes through
/proc/net/tcpto obtain the statistics of TCP sockets.
- ss uses the socket interface to communicate with the tcp_diag kernel module by default to obtain statistics on TCP socket. When the kernel does not support the tcp_diag kernel module, it will fall back to the
kernel-4.19.43-13.al7.x86_64 and earlier kernel versions do not integrate the tcp_diag module. Therefore, the ss command will roll back to the
/proc/net/tcp mode, and
/proc/net/tcp interface (not recommended). The value of the tx_queue field listening TCP socket in the output result of the interface is "0",
ss -lnt"The value of the Send-Q field output by the command is also" "0" "." For more information, see the following documents.
Alibaba Cloud reminds you that:
- If you have any risky operations on an instance or data, pay attention to the disaster tolerance and fault tolerance capabilities of the instance to ensure data security.
- If you modify the configuration and data of an instance (including but not limited to ECS and RDS), we recommend that you create snapshots or enable RDS log backup.
- If you have granted permissions on the Alibaba Cloud platform or submitted security information such as the logon account and password, we recommend that you modify the information as soon as possible.
Upgrade the kernel of an ECS instance to
kernel-4.19.43-13.1.al7.x86_64 and later versions.
- Elastic Compute Service