Lots of telnet sessions

Trent Shipley plug-discuss@lists.plug.phoenix.az.us
Mon, 22 Apr 2002 10:38:35 -0700 

It reminds me of what happens to telco apps when a telephone protocol is 
violated.  One end of the connection is left to guess about the other end.

There is a *nice* way to end a telnet session (exit the telneted remote 
session, exit telnet).  And a typical way to end a telnet session...just kill 
the shell supporting the telnet connection.

My bet is that when the telnet protocol is violated (and that is almost 
always) the telnet process spawned by the telnet server panics trying to 
contact its lost client before it times out and dies.  

There might be a disconnect timeout that is set for about two minutes.

One test would be to see if it behaves the same way when you go through a 
full telnet disconnect protocol.  If it still takes two minutes to kill the 
forked server process then this theory is bunk.

On Monday 22 April 2002 09:43, you wrote:
> Anyone with experience on Linux with large numbers of users telneted in?
> (500+)
>
> 9:23am  up 1 day,  8:50, 482 users,  load average: 143.52, 87.73, 44.33
>
> typical usage is ~4-5 load
>
> When ever a connection drops from a user the telnetd seems to spin out
> of control for about 2 minutes before finally dieing.  Some times one of
> our off site clients with a shacky t1 line drops 100+ users.  We are
> keeping track of it with a script that parses a ps -ef and hunts down
> and kills these processes as fast as it can find them.  This seems like
> quite a hack to me :)
>
> also,
>
> has anyone seen where a ps will take a long time to run.  I know we have
> quite a race condition (that hasn't really affected us that we know of)
> in the way our script runs, because a ps seems to take from 2-5minutes
> to run.  This is a system with 2k processes at any one time.
>
> any suggestions would be cool.
>
> Thanks
>
> ps...for the security concerned about telnet running this is all on a
> firewalled lan.  the off site connection is a dedicated t1.  These
> systems don't send any traffic over the Internet directly.  Although not
> great for keeping out inside hackers we are pretty secure from the
> Internet.