Re: TCP/IP Security Limits - WinXP and XWIN.exe

[René Berber <r dot berber at computer dot org>]

Mark Edwards wrote:

> On 8/16/06, René Berber wrote:
>> Mark Edwards wrote:
[snip]
>> My point was that you need to run netstat to make sure it is XWin...
>> saying
>> "seems" will not encourage anybody to look into this.
>>
>> FWIW I don't think XWin is going to come out as the problem, as I said
>> I haven't
>> seen that problem (and I use ssh -X all the time) and something as big as
>> "TCP/IP has reached the security limit" would certainly come up in
>> this list
>> very often if XWin was the cause.  You're not using WinXP Home are you?
> 
> the reason I say "seems" is that the symptoms given in the Microsoft
> document are not apparent when checking netstat, however the presence
> of the 4226 error is clear indication of a problem.

Then you didn't understood what I meant.

Using netstat is going to show clearly what program is causing the problem, how?
 by counting how many open connections a program has.

Something like "netstat -nb | grep XWin | wc" could give you a count.  But my
first try would be just using netstat to see what program has the most opened
connections.

In fact I've used this test before, about 2 or 3 years back Cygwin's dll was the
one leaving connections all over the place... every time a thread was created a
UDP connection was made an leaked (clamd was the program that I was tracing).
But this was corrected and doesn't happen anymore.  BTW this didn't cause the
problem you describe with MS security, it caused so many opened connections that
after a day or two (this was a server) no other connection could be opened.

> Just so that we get on the same page here, I am currently not using
> ssh -X, I am using the following:
> 
> $ cat ..xinitrc
> xhost +
> ssh int01@tcgtest 'cd development/dialer; ./invoke.sh 172.23.1.197:0.0'
> 
> ... to invoke the application. The 'invoke.sh' script sets the DISPLAY
> environment variable and the GUI appears on my windows box. Right
> before the networking fails.

Your first post said something different: that when you exited the application
the network failed.

> tcgtest is on the same subnet as my windows box, so no firewalling or
> tunnelling required to get to it. Should I be using ssh -X  for this
> type of application do you think?

Again, your first post says something different: that you are using ssh.

Try to keep the facts clear, if you don't understand why using netstat can help,
say so, if you don't see anything on netstat's output maybe you are right or
maybe you don't know what to look for.

The description from Microsoft doesn't say clearly if it is the number of open
connections or the speed of opening connections.  If it is the number then it's
easy to see with netstat; if it is the number/time then the number will not be
that great but then the problem is probably a loop in your script or somewhere,
XWin only opens a couple of connections, with ssh -X it's only one connection.
-- 
René Berber


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://x.cygwin.com/docs/
FAQ:                   http://x.cygwin.com/docs/faq/