On Fri, 17 Jun 2011 19:51:59 +0200, Tom Lane <t...@sss.pgh.pa.us> wrote:
I looked at the glibc source code for getaddrinfo, and it looks like they do reliably set sin_port to zero when no service argument is provided, despite the above documentation statement. So that's why it works for me. But still, if you're on a non-Linux platform it seems possible that this is the mechanism for what's biting you.
Both client and server are Linux systems here and sin_port is 0 also according to debug output I added. I cannot reproduce the problem reliably (the users are much better testers it seems), so I'm a bit stuck with my best guess being TIME_WAIT issues, perhaps FIN packets getting lost. I've set
sysctl -w net.ipv4.tcp_tw_reuse=1 now and will post again if there is any change.
(BTW, is it really sane to be using ident auth over a "high latency connection"? That would certainly suggest to me that you could be getting connections from untrustworthy machines ...)
Both endpoints are properly firewalled (the sane sysadmins say so) and for this particular connection only one client IP address is allowed by pg_hba.conf, the reason why we also use ident authentication is to allow only a few select uid's on the client host to connect to certain DSNs.
Thanks for all the helpful info! Regards, Marinos -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
