Hello everyone,

Running some benchmarks, opening an important number of connections per second (~3000 CPS) on FreeBSD 14.1, we hit a limit as shown in dmesg:

    solisten_clone: pcb 0xfffff80058a1c000: New socket allocation failure: limit reached or out of memory

Found out that in versions prior to 14.0, compressed TIME_WAIT came with a cap on connections in TIME_WAIT state. Compressed TIME_WAIT being decommissioned, net.inet.tcp.maxtcptw disappeared too, so we ended up hitting the kern.ipc.maxsockets limit. We resorted to lowering sysctl net.inet.tcp.msl (to 1000 ms) to achieve the same result as before (v11.3).

In this context, a strange behavior remains, that might be linked to TIME_WAIT state. We noticed that a source port could be distributed three times during the same second, which seems incoherent regarding the configured msl value.

Two things might be worth noting:
- we call bind() on * to get a source port before connect()
- configuration specifies sysctl net.inet.ip.portrange.randomized=1

As a temporary workaround, port randomization has been disabled. In our test environment, it allows connections to expire as expected before looping on the portrange.

Could anyone tell if this is an expected behavior or a bug?

Regards,

O: Stormshield
Rémi G.
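
Added example (not part of the original message): a small Python probe for the pattern described above, a wildcard bind() to port 0 followed by connect() and an active close, which records each source port the kernel assigns and flags any port handed out again within one second. The loopback listener, the function name sample_ports and its parameters are assumptions made for this illustration.

```python
import collections
import socket
import threading
import time


def sample_ports(n=200, window=1.0):
    """Open n short connections; return (ports, {port: [gaps < window]})."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))       # constructed local listener (assumption)
    srv.listen(128)
    srv.settimeout(0.2)
    target = srv.getsockname()
    stop = threading.Event()
    def acceptor():
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
            except OSError:          # accept timeout: re-check the stop flag
                continue
            conn.recv(1)             # returns b"" once the client closed first
            conn.close()
    t = threading.Thread(target=acceptor, daemon=True)
    t.start()
    ports, last_seen = [], {}
    repeats = collections.defaultdict(list)
    for _ in range(n):
        c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            c.bind(("", 0))          # bind() on *, kernel picks the source port
            port = c.getsockname()[1]
            c.connect(target)
        except OSError:              # e.g. no port or socket available
            continue
        finally:
            c.close()                # active close: client side enters TIME_WAIT
        now = time.monotonic()
        if port in last_seen and now - last_seen[port] < window:
            repeats[port].append(now - last_seen[port])
        last_seen[port] = now
        ports.append(port)
    stop.set()
    t.join()
    srv.close()
    return ports, dict(repeats)


if __name__ == "__main__":
    print(sample_ports()[1])         # ports reassigned within one second
```

Running it once with net.inet.ip.portrange.randomized=1 and once with 0 gives a direct comparison of how often a port comes back inside the window.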