Is the number of reserved ports limited?

panther · June 22, 2023, 12:20pm

I have recently installed our new cluster with OpenPBS 22.05.11 and Rocky Linux 8.8. Now I got the problem that coammands like qstat and so on sometimes take quite a lot of time to finsih or even fail with the error
pbs_iff: cannot connect to host
pbs_iff: all reserved ports in use
After investigating for a while I found that this happens when too many connections to the PBS server are in a TIME_WAIT state. So when I run the command
netstat -pant | grep 15001 | grep TIME_WAIT | wc -l
and the number I get here reaches 1024 I can see that the commands are slow. Below that number there is nor problem, but I never see that number going above 1024.
So now I checked my old cluster which is running PBS Pro 19.2.4 and found that the above netstat command gives me numbers bigger than 10000. So now my question is if the number of ports or connections for the PBS server is somehow limited to 1024? Or is this an issue of the OS?

Any help on this is very welcome!
Cheers,
Christoph

alexis.cousein · July 3, 2023, 11:27pm

Ports over 1023 are not reserved. So yes, you have only a limited number of reserved ports. Why these are special is that only root can bind to them (on UNIX/Linux).

To get rid of connections in TIME_WAIT more rapidly, tune the kernel tunable net.ipv4.tcp_fin_timeout. The default value is 60s but unless you are communicating over a very slow WAN with weird routes 10 or even 5 seconds are fine.

Note that some reserved ports might be in use by other daemons. The NIS client is an eager consumer of those too. Consider using nscd or sssd to cache username to uid mapping if those connections in TIME_WAIT are not from PBS…

panther · July 4, 2023, 11:26am

Thabk you for your reply!
I think there is a bit of a misunderstanding. By reserved I don’t mean privileged ports but I am referring to the error message from PBS. My observation from PBS 19 is that there is not shortage of ports. And now with more investigation it looks to me that the state of the ports is not the issue but what ports PBS uses. On my new instalaltion Rocky Linux I saw that privileged ports were used as source ports. On the old PBS I saw that only port 15001 is used. I think this behaviour is not correct.
I could get rid of that problem now by using Munge for authentication but I still can’t figure out why PBS worked differently for me on Rocky Linux compared to my old installation on CentOS 7.
If you are interested in more details you can read this post on the OpenPBS GitHub

github.com/openpbs/openpbs

After submitting 1k+ jobs with -V argument to qsub , it is failing with error "'pbs_iff: cannot connect to host', 'pbs_iff: all reserved ports in use"

opened 08:33AM - 20 Mar 23 UTC

Mahalty

**Description:** After submitting 1k+ jobs with -V argument to when I ran netstat -pant, [root@openpbs opc]# netstat -pant Active Internet connections Proto Recv-Q Send-Q Local Address tcp 0 0 0.0.0.0:22 tcp 0 0 10.0.0.221:22 tcp 0 0 10.0.0.221:22 tcp 0 0 10.0.0.221:22 tcp 0 0 0.0.0.0:15001 tcp 0 0 127.0.0.1:25 tcp 0 0 0.0.0.0:15002 tcp 0 0 0.0.0.0:15003 tcp 0 0 0.0.0.0:15007 tcp 0 0 0.0.0.0:17001 tcp 0 0 0.0.0.0:111 tcp 0 0 127.0.0.1:25 tcp 0 0 127.0.0.1:25 tcp 0 0 10.0.0.221:60216 tcp 0 0 10.0.0.221:609 tcp 0 0 10.0.0.221:821 tcp 0 0 127.0.0.1:25 tcp 0 0 127.0.0.1:25 tcp 0 0 10.0.0.221:813 tcp 0 0 127.0.0.1:25 tcp 0 0 10.0.0.221:59586 tcp 0 0 10.0.0.221:59580 tcp 0 0 127.0.0.1:25 tcp 0 0 10.0.0.221:60006 tcp 0 0 127.0.0.1:25 [root@openpbs opc]# netstat 1024 qsub , it is fa…iling with error "'pbs_iff: cannot connect to host', 'pbs_iff: all reserved ports in use" I see most of the ports were occupied in TIME_WAIT state (servers and established) Foreign Address State PID/Program name 0.0.0.0:* LISTEN 5628/sshd 61.177.173.19:48352 SYN_RECV - 61.177.173.19:32683 SYN_RECV - 61.177.173.19:11002 SYN_RECV - 0.0.0.0:* LISTEN 141002/pbs_server.b 0.0.0.0:* LISTEN 5289/master 0.0.0.0:* LISTEN 128481/pbs_mom 0.0.0.0:* LISTEN 128481/pbs_mom 0.0.0.0:* LISTEN 140912/postgres 0.0.0.0:* LISTEN 128471/pbs_comm 0.0.0.0:* LISTEN 4497/rpcbind 127.0.0.1:46808 TIME_WAIT - 127.0.0.1:47132 TIME_WAIT - 10.0.0.221:15001 TIME_WAIT - 10.0.0.221:15001 TIME_WAIT - 10.0.0.221:15001 TIME_WAIT - 127.0.0.1:46562 TIME_WAIT - 127.0.0.1:46632 TIME_WAIT - 10.0.0.221:15001 TIME_WAIT - 127.0.0.1:46758 TIME_WAIT - 10.0.0.221:15001 TIME_WAIT - 10.0.0.221:15001 TIME_WAIT - 127.0.0.1:45830 TIME_WAIT - 10.0.0.221:15001 TIME_WAIT - 127.0.0.1:45464 TIME_WAIT - -pant | grep TIME_WAIT | wc -l

Topic		Replies	Views
Connection refused/qstat: cannot connect to server J35 (errno=15010) Users/Site Administrators	7	2075	September 14, 2022
PBS started but not running Users/Site Administrators	2	1229	October 3, 2020
Connection Refused (errno=15010) Users/Site Administrators	5	2691	January 17, 2024
Jobs stuck in Q stat and the scheduler seems not working right Users/Site Administrators	6	1995	December 6, 2022
Pbs_iff: error returned: 15031 / No Permission. / qstat: cannot connect to server host (errno+15007) Users/Site Administrators	10	7595	December 19, 2017

Is the number of reserved ports limited?

Related Topics