pos機(jī)連接服務(wù)器連不上

網(wǎng)上有很多關(guān)于pos機(jī)連接服務(wù)器連不上,Linux服務(wù)器百萬(wàn)并發(fā)實(shí)現(xiàn)與問(wèn)題排查的知識(shí)，也有很多人為大家解答關(guān)于pos機(jī)連接服務(wù)器連不上的問(wèn)題，今天pos機(jī)之家(www.www690aa.com)為大家整理了關(guān)于這方面的知識(shí)，讓我們一起來(lái)看下吧!

本文目錄一覽：

1、pos機(jī)連接服務(wù)器連不上

pos機(jī)連接服務(wù)器連不上

前言

實(shí)現(xiàn)一臺(tái)服務(wù)器的百萬(wàn)并發(fā)，服務(wù)器支撐百萬(wàn)連接會(huì)出現(xiàn)哪些問(wèn)題，如何排查與解決這些問(wèn)題 是本文的重點(diǎn)

服務(wù)器能夠同時(shí)建立連接的數(shù)量 不是 并發(fā)量，它只是并發(fā)量一個(gè)基礎(chǔ)。服務(wù)器的并發(fā)量：一個(gè)服務(wù)器能夠同時(shí)承載客戶端的數(shù)量；承載：服務(wù)器能夠穩(wěn)定的維持這些連接，能夠響應(yīng)請(qǐng)求，在200ms內(nèi)返回響應(yīng)就認(rèn)為是ok的，其中這200ms包括數(shù)據(jù)庫(kù)的操作，網(wǎng)絡(luò)帶寬，內(nèi)存操作，日志等時(shí)間。測(cè)試介紹

服務(wù)器 采用 1臺(tái) centos7 12G 1核虛擬機(jī)

客戶端 采用 2臺(tái) centos7 3G 1核虛擬機(jī)

服務(wù)器代碼：?jiǎn)蝦eactor單線程，IO多路復(fù)用使用epoll

客戶端代碼：IO多路復(fù)用使用epoll，每個(gè)客戶端發(fā)51w個(gè)連接，每個(gè)連接發(fā)送一次數(shù)據(jù)，讀取一次數(shù)據(jù)之后不再發(fā)送數(shù)據(jù)

服務(wù)器代碼

由于fd的數(shù)量未知，這里設(shè)計(jì)ntyreactor 里面包含 eventblock ，eventblock 包含1024個(gè)fd。每個(gè)fd通過(guò) fd/1024定位到在第幾個(gè)eventblock，通過(guò)fd24定位到在eventblock第幾個(gè)位置。

struct ntyevent { int fd; int events; void *arg; Ncallback callback; int status; char buffer[BUFFER_LENGTH]; int length;};struct eventblock { struct eventblock *next; struct ntyevent *events;};struct ntyreactor { int epfd; int blkcnt; struct eventblock *evblk;};

#include <stdio.h>#include <stdlib.h>#include <string.h>#include <sys/socket.h>#include <sys/epoll.h>#include <arpa/inet.h>#include <fcntl.h>#include <unistd.h>#include <errno.h>#define BUFFER_LENGTH 4096#define MAX_EPOLL_EVENTS 1024#define SERVER_PORT 8081#define PORT_COUNT 100typedef int (*NCALLBACK)(int, int, void *);struct ntyevent { int fd; int events; void *arg; NCALLBACK callback; int status; char buffer[BUFFER_LENGTH]; int length;};struct eventblock { struct eventblock *next; struct ntyevent *events;};struct ntyreactor { int epfd; int blkcnt; struct eventblock *evblk;};int recv_cb(int fd, int events, void *arg);int send_cb(int fd, int events, void *arg);struct ntyevent *ntyreactor_find_event_idx(struct ntyreactor *reactor, int sockfd);void nty_event_set(struct ntyevent *ev, int fd, NCALLBACK *callback, void *arg) { ev->fd = fd; ev->callback = callback; ev->events = 0; ev->arg = arg;}int nty_event_add(int epfd, int events, struct ntyevent *ev) { struct epoll_event ep_ev = {0, {0}}; ep_ev.data.ptr = ev; ep_ev.events = ev->events = events; int op; if (ev->status == 1) { op = EPOLL_CTL_MOD; } else { op = EPOLL_CTL_ADD; ev->status = 1; } if (epoll_ctl(epfd, op, ev->fd, &ep_ev) < 0) { printf("event add failed [fd=%d], events[%d]\", ev->fd, events); return -1; } return 0;}int nty_event_del(int epfd, struct ntyevent *ev) { struct epoll_event ep_ev = {0, {0}}; if (ev->status != 1) { return -1; } ep_ev.data.ptr = ev; ev->status = 0; epoll_ctl(epfd, EPOLL_CTL_DEL, ev->fd, &ep_ev); return 0;}int recv_cb(int fd, int events, void *arg) { struct ntyreactor *reactor = (struct ntyreactor *) arg; struct ntyevent *ev = ntyreactor_find_event_idx(reactor, fd); int len = recv(fd, ev->buffer, BUFFER_LENGTH, 0); // nty_event_del(reactor->epfd, ev); if (len > 0) { ev->length = len; ev->buffer[len] = '\\0';// printf("recv[%d]:%s\", fd, ev->buffer); printf("recv fd=[%d\", fd); nty_event_set(ev, fd, send_cb, reactor); nty_event_add(reactor->epfd, EPOLLOUT, ev); } else if (len == 0) { close(ev->fd); //printf("[fd=%d] pos[%ld], closed\", fd, ev-reactor->events); } else { close(ev->fd);// printf("recv[fd=%d] error[%d]:%s\", fd, errno, strerror(errno)); } return len;}int send_cb(int fd, int events, void *arg) { struct ntyreactor *reactor = (struct ntyreactor *) arg; struct ntyevent *ev = ntyreactor_find_event_idx(reactor, fd); int len = send(fd, ev->buffer, ev->length, 0); if (len > 0) {// printf("send[fd=%d], [%d]%s\", fd, len, ev->buffer); printf("send fd=[%d\]", fd); nty_event_del(reactor->epfd, ev); nty_event_set(ev, fd, recv_cb, reactor); nty_event_add(reactor->epfd, EPOLLIN, ev); } else { nty_event_del(reactor->epfd, ev); close(ev->fd); printf("send[fd=%d] error %s\", fd, strerror(errno)); } return len;}int accept_cb(int fd, int events, void *arg) {//非阻塞 struct ntyreactor *reactor = (struct ntyreactor *) arg; if (reactor == NULL) return -1; struct sockaddr_in client_addr; socklen_t len = sizeof(client_addr); int clientfd; if ((clientfd = accept(fd, (struct sockaddr *) &client_addr, &len)) == -1) { printf("accept: %s\", strerror(errno)); return -1; } if ((fcntl(clientfd, F_SETFL, O_NONBLOCK)) < 0) { printf("%s: fcntl nonblocking failed, %d\", __func__, MAX_EPOLL_EVENTS); return -1; } struct ntyevent *event = ntyreactor_find_event_idx(reactor, clientfd); nty_event_set(event, clientfd, recv_cb, reactor); nty_event_add(reactor->epfd, EPOLLIN, event); printf("new connect [%s:%d], pos[%d]\", inet_ntoa(client_addr.sin_addr), ntohs(client_addr.sin_port), clientfd); return 0;}int init_sock(short port) { int fd = socket(AF_INET, SOCK_STREAM, 0); fcntl(fd, F_SETFL, O_NONBLOCK); struct sockaddr_in server_addr; memset(&server_addr, 0, sizeof(server_addr)); server_addr.sin_family = AF_INET; server_addr.sin_addr.s_addr = htonl(INADDR_ANY); server_addr.sin_port = htons(port); bind(fd, (struct sockaddr *) &server_addr, sizeof(server_addr)); if (listen(fd, 20) < 0) { printf("listen failed : %s\", strerror(errno)); } return fd;}int ntyreactor_alloc(struct ntyreactor *reactor) { if (reactor == NULL) return -1; if (reactor->evblk == NULL) return -1; struct eventblock *blk = reactor->evblk; while (blk->next != NULL) { blk = blk->next; } struct ntyevent *evs = (struct ntyevent *) malloc((MAX_EPOLL_EVENTS) * sizeof(struct ntyevent)); if (evs == NULL) { printf("ntyreactor_alloc ntyevents failed\"); return -2; } memset(evs, 0, (MAX_EPOLL_EVENTS) * sizeof(struct ntyevent)); struct eventblock *block = (struct eventblock *) malloc(sizeof(struct eventblock)); if (block == NULL) { printf("ntyreactor_alloc eventblock failed\"); return -2; } memset(block, 0, sizeof(struct eventblock)); block->events = evs; block->next = NULL; blk->next = block; reactor->blkcnt++; // return 0;}struct ntyevent *ntyreactor_find_event_idx(struct ntyreactor *reactor, int sockfd) { int blkidx = sockfd / MAX_EPOLL_EVENTS; while (blkidx >= reactor->blkcnt) { ntyreactor_alloc(reactor); } int i = 0; struct eventblock *blk = reactor->evblk; while (i++ < blkidx && blk != NULL) { blk = blk->next; } return &blk->events[sockfd % MAX_EPOLL_EVENTS];}int ntyreactor_init(struct ntyreactor *reactor) { if (reactor == NULL) return -1; memset(reactor, 0, sizeof(struct ntyreactor)); reactor->epfd = epoll_create(1); if (reactor->epfd <= 0) { printf("create epfd in %s err %s\", __func__, strerror(errno)); return -2; } struct ntyevent *evs = (struct ntyevent *) malloc((MAX_EPOLL_EVENTS) * sizeof(struct ntyevent)); if (evs == NULL) { printf("ntyreactor_alloc ntyevents failed\"); return -2; } memset(evs, 0, (MAX_EPOLL_EVENTS) * sizeof(struct ntyevent)); struct eventblock *block = (struct eventblock *) malloc(sizeof(struct eventblock)); if (block == NULL) { printf("ntyreactor_alloc eventblock failed\"); return -2; } memset(block, 0, sizeof(struct eventblock)); block->events = evs; block->next = NULL; reactor->evblk = block; reactor->blkcnt = 1; return 0;}int ntyreactor_destory(struct ntyreactor *reactor) { close(reactor->epfd); //free(reactor->events); struct eventblock *blk = reactor->evblk; struct eventblock *blk_next = NULL; while (blk != NULL) { blk_next = blk->next; free(blk->events); free(blk); blk = blk_next; } return 0;}int ntyreactor_addlistener(struct ntyreactor *reactor, int sockfd, NCALLBACK *acceptor) { if (reactor == NULL) return -1; if (reactor->evblk == NULL) return -1; struct ntyevent *event = ntyreactor_find_event_idx(reactor, sockfd); nty_event_set(event, sockfd, acceptor, reactor); nty_event_add(reactor->epfd, EPOLLIN, event); return 0;}_Noreturn int ntyreactor_run(struct ntyreactor *reactor) { if (reactor == NULL) return -1; if (reactor->epfd < 0) return -1; if (reactor->evblk == NULL) return -1; struct epoll_event events[MAX_EPOLL_EVENTS + 1]; int i; while (1) { int nready = epoll_wait(reactor->epfd, events, MAX_EPOLL_EVENTS, 1000); if (nready < 0) { printf("epoll_wait error, exit\"); continue; } for (i = 0; i < nready; i++) { struct ntyevent *ev = (struct ntyevent *) events[i].data.ptr; if ((events[i].events & EPOLLIN) && (ev->events & EPOLLIN)) { ev->callback(ev->fd, events[i].events, ev->arg); } if ((events[i].events & EPOLLOUT) && (ev->events & EPOLLOUT)) { ev->callback(ev->fd, events[i].events, ev->arg); } } }}// <remoteip, remoteport, localip, localport,protocol>int main(int argc, char *argv[]) { unsigned short port = SERVER_PORT; // listen 8081 if (argc == 2) { port = atoi(argv[1]); } struct ntyreactor *reactor = (struct ntyreactor *) malloc(sizeof(struct ntyreactor)); ntyreactor_init(reactor); int i = 0; int sockfds[PORT_COUNT] = {0}; for (i = 0; i < PORT_COUNT; i++) { sockfds[i] = init_sock(port + i); ntyreactor_addlistener(reactor, sockfds[i], accept_cb); } ntyreactor_run(reactor); ntyreactor_destory(reactor); for (i = 0; i < PORT_COUNT; i++) { close(sockfds[i]); } free(reactor); return 0;}

客戶端代碼

#include <stdio.h>#include <string.h>#include <stdlib.h>#include <sys/types.h>#include <sys/socket.h>#include <sys/epoll.h>#include <errno.h>#include <netinet/tcp.h>#include <arpa/inet.h>#include <netdb.h>#include <fcntl.h>#include <sys/time.h>#include <unistd.h>#define MAX_BUFFER128#define MAX_EPOLLSIZE(384*1024)#define MAX_PORT100#define TIME_SUB_MS(tv1, tv2) ((tv1.tv_sec - tv2.tv_sec) * 1000 + (tv1.tv_usec - tv2.tv_usec) / 1000)int isContinue = 0;static int ntySetNonblock(int fd) {int flags;flags = fcntl(fd, F_GETFL, 0);if (flags < 0) return flags;flags |= O_NONBLOCK;if (fcntl(fd, F_SETFL, flags) < 0) return -1;return 0;}static int ntySetReUseAddr(int fd) {int reuse = 1;return setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&reuse, sizeof(reuse));}int main(int argc, char **argv) {if (argc <= 2) {printf("Usage: %s ip port\", argv[0]);exit(0);}const char *ip = argv[1];int port = atoi(argv[2]);int connections = 0;char buffer[128] = {0};int i = 0, index = 0;struct epoll_event events[MAX_EPOLLSIZE];int epoll_fd = epoll_create(MAX_EPOLLSIZE);strcpy(buffer, " Data From MulClient\");struct sockaddr_in addr;memset(&addr, 0, sizeof(struct sockaddr_in));addr.sin_family = AF_INET;addr.sin_addr.s_addr = inet_addr(ip);struct timeval tv_begin;gettimeofday(&tv_begin, NULL);while (1) {if (++index >= MAX_PORT) index = 0;struct epoll_event ev;int sockfd = 0;if (connections < 340000 && !isContinue) {sockfd = socket(AF_INET, SOCK_STREAM, 0);if (sockfd == -1) {perror("socket");goto err;}//ntySetReUseAddr(sockfd);addr.sin_port = htons(port+index);if (connect(sockfd, (struct sockaddr*)&addr, sizeof(struct sockaddr_in)) < 0) {perror("connect");goto err;}ntySetNonblock(sockfd);ntySetReUseAddr(sockfd);sprintf(buffer, "Hello Server: client --> %d\", connections);send(sockfd, buffer, strlen(buffer), 0);ev.data.fd = sockfd;ev.events = EPOLLIN | EPOLLOUT;epoll_ctl(epoll_fd, EPOLL_CTL_ADD, sockfd, &ev);connections ++;}//connections ++;if (connections % 1000 == 999 || connections >= 340000) {struct timeval tv_cur;memcpy(&tv_cur, &tv_begin, sizeof(struct timeval));gettimeofday(&tv_begin, NULL);int time_used = TIME_SUB_MS(tv_begin, tv_cur);printf("connections: %d, sockfd:%d, time_used:%d\", connections, sockfd, time_used);int nfds = epoll_wait(epoll_fd, events, connections, 100);for (i = 0;i < nfds;i ++) {int clientfd = events[i].data.fd;if (events[i].events & EPOLLOUT) {sprintf(buffer, "data from %d\", clientfd);send(sockfd, buffer, strlen(buffer), 0);} else if (events[i].events & EPOLLIN) {char rBuffer[MAX_BUFFER] = {0};ssize_t length = recv(sockfd, rBuffer, MAX_BUFFER, 0);if (length > 0) {printf(" RecvBuffer:%s\", rBuffer);if (!strcmp(rBuffer, "quit")) {isContinue = 0;}} else if (length == 0) {printf(" Disconnect clientfd:%d\", clientfd);connections --;close(clientfd);} else {if (errno == EINTR) continue;printf(" Error clientfd:%d, errno:%d\", clientfd, errno);close(clientfd);}} else {printf(" clientfd:%d, errno:%d\", clientfd, errno);close(clientfd);}}}usleep(1 * 1000);}return 0;err:printf("error : %s\", strerror(errno));return 0;}

相關(guān)視頻推薦

準(zhǔn)備4臺(tái)虛擬機(jī)，一起來(lái)實(shí)現(xiàn)服務(wù)器百萬(wàn)級(jí)并發(fā)

linux多線程之epoll原理剖析與reactor原理及應(yīng)用

學(xué)習(xí)地址：C/C++Linux服務(wù)器開(kāi)發(fā)/后臺(tái)架構(gòu)師【零聲教育】-學(xué)習(xí)視頻教程-騰訊課堂

需要C/C++ Linux服務(wù)器架構(gòu)師學(xué)習(xí)資料加qun812855908（資料包括C/C++，Linux，golang技術(shù)，內(nèi)核，Nginx，ZeroMQ，MySQL，Redis，fastdfs，MongoDB，ZK，流媒體，CDN，P2P，K8S，Docker，TCP/IP，協(xié)程，DPDK，ffmpeg，大廠面試題 等）

error : Too many open files

確定問(wèn)題

程序執(zhí)行到一半，創(chuàng)建了1023個(gè)連接后，報(bào)錯(cuò)Too many open files

//服務(wù)端new connect [192.168.109.101:36994], pos[1019]new connect [192.168.109.101:55832], pos[1020]new connect [192.168.109.101:43460], pos[1021]new connect [192.168.109.101:59938], pos[1022]new connect [192.168.109.101:46098], pos[1023]accept: Too many open filesaccept: Too many open files//客戶端connect: Connection refusederror : Connection refused

懷疑是文件系統(tǒng)默認(rèn)允許打開(kāi)文件描述符數(shù)量個(gè)數(shù)（默認(rèn)1024）的限制，使用ulimit -a查看open files的數(shù)量

open files：一個(gè)進(jìn)程能夠打開(kāi)文件描述符的數(shù)量

[root@master temp]# ulimit -acore file size (blocks, -c) 0data seg size (kbytes, -d) unlimitedscheduling priority (-e) 0file size (blocks, -f) unlimitedpending signals (-i) 47748max locked memory (kbytes, -l) 64max memory size (kbytes, -m) unlimitedopen files (-n) 1024pipe size (512 bytes, -p) 8POSIX message queues (bytes, -q) 819200real-time priority (-r) 0stack size (kbytes, -s) 8192cpu time (seconds, -t) unlimitedmax user processes (-u) 47748virtual memory (kbytes, -v) unlimitedfile locks (-x) unlimited

那么我們把open files調(diào)大一點(diǎn)點(diǎn)，看是否會(huì)停在2047，如果是，則說(shuō)明問(wèn)題就是open files太小的問(wèn)題，實(shí)驗(yàn)發(fā)現(xiàn)就是這個(gè)原因。

[root@master temp]# ulimit -n 2048[root@master temp]# ulimit -acore file size (blocks, -c) 0data seg size (kbytes, -d) unlimitedscheduling priority (-e) 0file size (blocks, -f) unlimitedpending signals (-i) 47748max locked memory (kbytes, -l) 64max memory size (kbytes, -m) unlimitedopen files (-n) 2048pipe size (512 bytes, -p) 8POSIX message queues (bytes, -q) 819200real-time priority (-r) 0stack size (kbytes, -s) 8192cpu time (seconds, -t) unlimitedmax user processes (-u) 47748virtual memory (kbytes, -v) unlimitedfile locks (-x) unlimitednew connect [192.168.109.101:53996], pos[2046]new connect [192.168.109.101:60742], pos[2047]accept: Too many open files

解決問(wèn)題

臨時(shí)修改，只在當(dāng)前這個(gè)會(huì)話有效：ulimit -n 1048576永久修改，對(duì)所有會(huì)話有效：添加下面兩行代碼

注意這里修改的是：一個(gè)進(jìn)程能夠打開(kāi)文件描述符的數(shù)量

[root@master temp]# vim /etc/security/limits.conf# 修改[root@master temp]# reboot# 重啟生效

* soft nofile 1048576* hard nofile 1048576軟限制：超出軟限制會(huì)發(fā)出警告硬限制：絕對(duì)限制,在任何情況下都不允許用戶超過(guò)這個(gè)限制

這里還需要注意一點(diǎn)：file-max: 系統(tǒng)一共可以打開(kāi)的最大文件數(shù)（所有進(jìn)程加起來(lái)）

[root@master temp]# cat /proc/sys/fs/file-max1202172

# 編輯內(nèi)核參數(shù)配置文件vim /etc/sysctl.conf# 修改fs.file-max參數(shù)fs.file-max = 1048576# 重新加載配置文件sysctl -p

另外這里建議ulimit -n 和limits.conf里nofile 設(shè)定最好不要超過(guò)/proc/sys/fs/file-max的值（雖然我測(cè)試了超過(guò)也沒(méi)關(guān)系），這個(gè)小問(wèn)題仁者見(jiàn)仁智者見(jiàn)智了。

error : Cannot assign requested address

確定問(wèn)題

現(xiàn)在的環(huán)境背景：服務(wù)器只開(kāi)放一個(gè)端口，客戶端不斷的去請(qǐng)求去連接。然后客戶端error : Cannot assign requested address

Cannot assign requested address這代表著客戶端端口耗盡，我們先來(lái)看看如何確定一個(gè)fd，反過(guò)來(lái)說(shuō)一個(gè)fd代表著什么

socket fd --- < 源IP地址 , 源端口 , 目的IP地址 , 目的端口 , 協(xié)議 > 一個(gè)fd就是一個(gè)五元組，在現(xiàn)在的環(huán)境中，五元組里面確定了四個(gè)，所以最多創(chuàng)建 1 * 源端口 * 1 * 1 * 1個(gè)fd

# 服務(wù)端new connect [192.168.109.101:57921], pos[28234]new connect [192.168.109.101:57923], pos[28235]send[fd=21003] error Connection reset by peersend[fd=22003] error Connection reset by peer# 客戶端connections: 26999, sockfd:27002, time_used:2399connections: 27999, sockfd:28002, time_used:2404connect: Cannot assign requested addresserror : Cannot assign requested address

我們看到大概創(chuàng)建了2.8w的fd ， 可是我們知道端口一個(gè)有6w多個(gè)，也就是說(shuō)有6w個(gè)端口，為什么我們只使用了2.8w個(gè)？

Linux中有限定端口的使用范圍:60999 - 32768 = 2.8w ,與我們上面實(shí)驗(yàn)結(jié)果相符。

The /proc/sys/net/ipv4/ip_local_port_range defines the local port range that is used by TCP and UDP traffic to choose the local port. You will see in the parameters of this file two numbers: The first number is the first local port allowed for TCP and UDP traffic on the server, the second is the last local port number. For high-usage systems you may change its default parameters to 32768-61000 -first-last.

proc/sys/net/ipv4/ip_local_port_range范圍定義TCP和UDP通信用于選擇本地端口的本地端口范圍。您將在該文件的參數(shù)中看到兩個(gè)數(shù)字：第一個(gè)數(shù)字是服務(wù)器上允許TCP和UDP通信的第一個(gè)本地端口，第二個(gè)是最后一個(gè)本地端口號(hào)。對(duì)于高使用率的系統(tǒng)，您可以將其默認(rèn)參數(shù)更改為32768-61000(first-last)。

[root@master temp]# sysctl net.ipv4.ip_local_port_rangenet.ipv4.ip_local_port_range = 3276860999

解決問(wèn)題

修改net.ipv4.ip_local_port_range的范圍，一般不這樣做，我們這里研究的是服務(wù)器，怎么會(huì)去對(duì)客戶端進(jìn)行修改呢

之前已經(jīng)說(shuō)了這個(gè)問(wèn)題的背景，就是只開(kāi)放了一個(gè)端口，并且socket fd --- < 源IP地址 , 源端口, 目的IP地址 , 目的端口 , 運(yùn)輸層協(xié)議 >，在這個(gè)背景下才產(chǎn)生的這個(gè)問(wèn)題，所以我們可以開(kāi)放更多的端口，比如說(shuō)100個(gè)，那么一個(gè)客戶端就能連到280w了

error : Connection timed out

確定問(wèn)題

我們將服務(wù)器端口開(kāi)100個(gè)，按理說(shuō)客戶端可以連280w，但是現(xiàn)在只連接到13w就error : Connection timed out，與我們的預(yù)期不符

//服務(wù)端new connect [192.168.109.101:54585], pos[131165]new connect [192.168.109.101:48265], pos[131166]new connect [192.168.109.101:51997], pos[131167]new connect [192.168.109.101:43239], pos[131168]send[fd=20102] error Connection reset by peersend[fd=21102] error Connection reset by peersend[fd=22102] error Connection reset by peer//客戶端connections: 127999, sockfd:128002, time_used:7576connections: 128999, sockfd:129002, time_used:2683connections: 129999, sockfd:130002, time_used:2669connections: 130999, sockfd:131002, time_used:4610connect: Connection timed outerror : Connection timed out

網(wǎng)卡接收的數(shù)據(jù)，會(huì)發(fā)送到協(xié)議棧里面，通過(guò)sk_buff將數(shù)據(jù)傳到協(xié)議棧，協(xié)議棧處理完再交給應(yīng)用程序。由于操作系統(tǒng)在使用的時(shí)候，為防止被攻擊，在數(shù)據(jù)發(fā)送給協(xié)議棧之前進(jìn)行一個(gè)過(guò)濾，在協(xié)議棧前面加了一個(gè)小組件：過(guò)濾器，叫做netfilter。

netfilter主要是對(duì)網(wǎng)絡(luò)數(shù)據(jù)包進(jìn)行一個(gè)過(guò)濾，在netfilter的基礎(chǔ)上我們就可以實(shí)現(xiàn)防火墻，在linux里面有一個(gè)就叫做iptables，iptables是基于netfilter做的，iptables分為兩部分，一部分是內(nèi)核實(shí)現(xiàn)的netfilter接口，一部分是應(yīng)用程序提供給用戶使用的。iptables真正實(shí)現(xiàn)的是netfilter提供的接口。

Connection timed out譯為連接超時(shí)，也就是說(shuō)，client發(fā)送的請(qǐng)求超時(shí)了，那么這個(gè)超時(shí)有兩種情況，第一種：三次握手第一次的SYN沒(méi)發(fā)出去，第二種：三次握手第二次ACK沒(méi)收到。

netfilter不管對(duì)發(fā)送的數(shù)據(jù)，還是對(duì)接收的數(shù)據(jù)，都是可以過(guò)濾的。當(dāng)連接數(shù)量達(dá)到一定數(shù)量的時(shí)候，netfilter就會(huì)不允許再對(duì)外發(fā)連接了。所以現(xiàn)在推測(cè)是情況1造成的，發(fā)送的SYN被netfilter攔截了。

事實(shí)是這樣嗎，我們來(lái)查看一下netfilter允許對(duì)外最大連接數(shù)量是多少。13w，與我們上面建立成功的數(shù)量一致，所以現(xiàn)在就可以確定是netfilter允許對(duì)外開(kāi)放的最大連接數(shù)造成的了

[root@node1 temp]# cat /proc/sys/net/netfilter/nf_conntrack_max131072

解決問(wèn)題

我們可以通過(guò)設(shè)置netfilter允許對(duì)外最大連接數(shù)量，來(lái)解決這個(gè)問(wèn)題

# 查看允許對(duì)外最大連接數(shù)量[root@node1 temp]# cat /proc/sys/net/netfilter/nf_conntrack_max131072# 進(jìn)行配置vim /etc/sysctl.conf# 在配置文件中把net.nf_conntrack_max參數(shù)修改為1048576（如果配置就自己添加一行）net.nf_conntrack_max = 1048576# 重新加載配置文件sysctl -p# 再次查看，發(fā)現(xiàn)生效了[root@node1 temp]# cat /proc/sys/net/netfilter/nf_conntrack_max1048576killed（已殺死）

確定問(wèn)題

這里我們先給客戶端虛擬機(jī)2G的內(nèi)存，然后發(fā)現(xiàn)到24w的時(shí)候，客戶端進(jìn)程被殺死了

connections: 239999, sockfd:240002, time_used:9837connections: 240999, sockfd:241002, time_used:10608connections: 241999, sockfd:242002, time_used:13109connections: 242999, sockfd:243002, time_used:15112connections: 243999, sockfd:244002, time_used:12606已殺死

我們來(lái)看一下kill記錄，發(fā)現(xiàn)是內(nèi)存不足。

[root@node1 ~]# dmesg | egrep -i -B100 'killed process'[ 2310.265218] Out of memory: Kill process 7266 (C1000Kclient) score 1 or sacrifice child[ 2310.265962] Killed process 7266 (C1000Kclient) total-vm:8708kB, anon-rss:2960kB, file-rss:0kB, shmem-rss:0kB

這里直接說(shuō)原因吧，是因?yàn)槌绦蛎總€(gè)fd都有一個(gè)tcp接收緩沖區(qū)和tcp發(fā)送緩沖區(qū)。而默認(rèn)的太大了，導(dǎo)致Linux內(nèi)存不足，進(jìn)程被殺死，所有我們需要適當(dāng)?shù)目s小。進(jìn)程空間，代碼段，堆棧都是要占用內(nèi)存的。

解決問(wèn)題

我們只需要對(duì)net.ipv4.tcp_mem，net.ipv4.tcp_wmem，net.ipv4.tcp_rmem進(jìn)行適合的修改即可

# 編輯內(nèi)核參數(shù)配置文件vim /etc/sysctl.conf# 添加以下內(nèi)容# 最小值 默認(rèn)值 最大值net.ipv4.tcp_mem = 252144 524288 786432# tcp協(xié)議棧的大小，單位為內(nèi)存頁(yè)（4K），分別是 1G 2G 3G，如果大于2G，tcp協(xié)議棧會(huì)進(jìn)行一定的優(yōu)化net.ipv4.tcp_wmem = 1024 1024 2048 # tcp接收緩存區(qū)(用于tcp接受滑動(dòng)窗口)的最小值，默認(rèn)值和最大值（單位byte）1k 1k 2k,每一個(gè)連接fd都有一個(gè)接收緩存區(qū)net.ipv4.tcp_rmem = 1024 1024 2048 # tcp發(fā)送緩存區(qū)(用于tcp發(fā)送滑動(dòng)窗口)的最小值，默認(rèn)值和最大值（單位byte）1k 1k 2k,每一個(gè)連接fd都有一個(gè)發(fā)送緩存區(qū)# 總緩存 = （每個(gè)fd發(fā)送緩存區(qū) + 每個(gè)fd接收緩存區(qū)） * fd數(shù)量# （1024byte + 1024byte ） * 100w 約等于 2G

如果服務(wù)器是用來(lái)接收大文件，傳輸量很大的時(shí)候，就要把send buffer和read buffer調(diào)大。

如果服務(wù)器只是接收小數(shù)據(jù)字符的時(shí)候。把buffer調(diào)小是為了把fd的數(shù)量做到更多，并發(fā)數(shù)量能做到更大。如果buffer調(diào)大的話，內(nèi)存會(huì)不夠。

百萬(wàn)并發(fā)測(cè)試結(jié)果出現(xiàn)的問(wèn)題總結(jié)

想要實(shí)現(xiàn)服務(wù)器百萬(wàn)并發(fā)：

一個(gè)進(jìn)程能夠打開(kāi)文件描述符的數(shù)量open files 和 file-max 改成100w以上在不同的環(huán)境下要看開(kāi)放的端口夠不夠socket fd --- < 源IP地址 , 源端口 , 目的IP地址 , 目的端口 , 協(xié)議 >設(shè)置netfilter允許對(duì)外最大連接數(shù)量100w以上根據(jù)內(nèi)存和場(chǎng)景，適當(dāng)調(diào)整net.ipv4.tcp_mem，net.ipv4.tcp_wmem，net.ipv4.tcp_rmem

原文地址：Linux服務(wù)器百萬(wàn)并發(fā)實(shí)現(xiàn)與問(wèn)題排查

以上就是關(guān)于pos機(jī)連接服務(wù)器連不上,Linux服務(wù)器百萬(wàn)并發(fā)實(shí)現(xiàn)與問(wèn)題排查的知識(shí)，后面我們會(huì)繼續(xù)為大家整理關(guān)于pos機(jī)連接服務(wù)器連不上的知識(shí)，希望能夠幫助到大家！