Bug 834061 - [RFE] RHDS: Implement SO_KEEPALIVE in network calls.
Summary: [RFE] RHDS: Implement SO_KEEPALIVE in network calls.
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
Version: 6.4
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: Rich Megginson
QA Contact: Sankar Ramalingam
: 711207 (view as bug list)
Depends On:
Blocks: 782183 840699
TreeView+ depends on / blocked
Reported: 2012-06-20 18:10 UTC by Nathan Kinder
Modified: 2018-11-28 21:42 UTC (History)
6 users (show)

Fixed In Version: 389-ds-base-
Doc Type: Bug Fix
Doc Text:
Cause: DS did not take into account the OS TCP keepalive setting. Consequence: Connections might be not clsoed out as they should Fix: Add the keepalive setting to DS connections Result: Connections being closed out as they should be.
Clone Of:
Last Closed: 2013-02-21 08:19:37 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:0503 normal SHIPPED_LIVE Moderate: 389-ds-base security, bug fix, and enhancement update 2013-02-21 08:18:44 UTC

Description Nathan Kinder 2012-06-20 18:10:55 UTC
This bug is created as a clone of upstream ticket:


2.  What is the nature and description of the request?
Implement SO_KEEPALIVE in network calls

3.  Why does the customer need this? (List the business requirements here)
Customer's RHDS being affected by lingering TCP connections that are not
correctly closed (refer to https://access.redhat.com/kb/docs/DOC-44459).
From RFC 1122:
 A TCP keep-alive mechanism should only be invoked in
 server applications that might otherwise hang
 indefinitely and consume resources unnecessarily if a
 client crashes or aborts a connection during a network
With this implementation, RHDS would be more resilient to
misconfigured/problematic clients, at a minimum cost.

4.  How would the customer like to achieve this? (List the functional
requirements here)
Implement SO_KEEPALIVE in network calls.

5.  For each functional requirement listed in question 4, specify how Red Hat
and the customer can test to confirm the requirement is successfully
# netstat -tnpo
 tcp        0      0
ESTABLISHED 1337/ns-slapd         keepalive (2740.13/0/0)

6.  Is there already an existing RFE upstream or in Red Hat bugzilla?

7.  How quickly does this need resolved? (desired target release)

8.  Does this request meet the RHEL Inclusion criteria (please review)

9.  List the affected packages

10. Would the customer be able to assist in testing this functionality if

Comment 1 Nathan Kinder 2012-06-20 21:53:29 UTC
*** Bug 711207 has been marked as a duplicate of this bug. ***

Comment 2 RHEL Product and Program Management 2012-07-10 07:10:09 UTC
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.

Comment 4 Ludek Smid 2012-07-11 11:51:02 UTC
This request was erroneously removed from consideration in
Red Hat Enterprise Linux 6.4, which is currently under
development.  This request will be evaluated for inclusion
in Red Hat Enterprise Linux 6.4.

Comment 5 Jenny Severance 2012-08-28 13:25:44 UTC
automated egression tests covered in monitor test suite. Requires netcat [nc] to run.

Comment 7 Milan Kubík 2012-11-12 10:58:09 UTC

$ nc -d $IP $PORT &

[mkubik@dstet-mkubik ~]$ sudo netstat -tnpo | grep ns-slapd | grep -i keepalive
tcp        0      0 ::1:389                     ::1:43130                   ESTABLISHED 6565/ns-slapd       keepalive (6807.66/0/0)
[mkubik@dstet-mkubik ~]$ echo $?
[mkubik@dstet-mkubik ~]$ rpm -qa | grep -i 389-ds-base

Comment 8 errata-xmlrpc 2013-02-21 08:19:37 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.