重点观察:
SYN_RCVD:状态是很短的正常是抓不到的,一旦很多就是DDOS一般
服务器收到客户端的SYN请求后,进入SYN_RCVD状态,并向客户端发送SYN+ACK确认。这个
TIME_WAIT:NAT出去的LB上一般不要优化TIME_WAIT ! 尤其是GITHUB的!!! 内网的web服务器可以优化!!!也就是说网络条件好的时候可以优化此项,节省资源!
一方发送FIN请求并收到对方的ACK后,进入TIME_WAIT状态,等待足够的时间确保对方收到FIN请求。
TIMEWAT优化:
zabbix 自定义simple check 模板
# zabbix_get 基本使用
zabbix_get -s 127.0.0.1 -p 10050 -k "proc.num[,root,all,nginx]" # 显示root 下 所有的 java 进程数量 1、监控端口的几个主要Keys:
| net.tcp.listen[port] | Checks if this port is in LISTEN state. 0 - it is not, 1 - it is in LISTEN state. 监控TCP端口是否监听 |
| net.tcp.port[<ip>,port] | Check, if it is possible to make TCP connection to the port number. 0 - cannot connect, 1 - can connect. IP address is optional. If ip is missing, 127.0.0.1 is used. Example: net.tcp.port[,80] 检查TCP端口是否可以正常连接。 |
| net.tcp.service[service,<ip>,<port>] | Check if service is available. 0 - service is down, 1 - service is running. If ip is missing 127.0.0.1 is used. If port number is missing, default service port is used. Example: net.tcp.service[ftp,,45]. 检查服务是否可用,FTP服务可直接使用FTP模板 |
| net.tcp.service.perf[service,<ip>,<port>] | Check performance of service "service". 0 - service is down, sec - number of seconds spent on connection to the service. If ip is missing 127.0.0.1 is used. If port number is missing, default service port is used. 监控服务(端口)连接性能 |
| net.udp.listen[port] | Checks if this port is in LISTEN state. 0 - it is not, 1 - it is in LISTEN state. 监控UDP端口是否监听(不支持windows) |
2 自定义监控 tcp 状态的 key
UserParameter=tcp_state[*],netstat -ant|grep -c $1测试:
zabbix_get -s 127.0.0.1 -k tcp_state[TIME_WAIT]
扫一扫
780
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
