Why does ping fail with the error "connect: Resource temporarily unavailable"?
Environment
- Red Hat Enterprise Linux (RHEL)
Issue
- Why does ping fail with the error "connect: Resource temporarily unavailable"?
Resolution
The error occurs when all the net.ipv4.ip_local_port_range ports are in use. Either increase the range if the usage is legitimate or correct the problem that is causing all of them to be used.
If the sysctl parameter "ip_local_reserved_ports" is defined in such a way that it reserves a vast range of ports than we need to modify it make the range smaller. This will make the ports available to make connection.
Root Cause
The ping command creates a DGRAM (UDP) socket and tries to create a connection to the ping target. This serves two purposes. First, the connect will fail with an EACCESS error if the target is a broadcast address. Error handling will then determine if the command should set SO_BROADCAST and try again or fail with an appropriate message. The second, once a connection has been "established" it calls getsockname to get the IP address of the local side of the connection. Easier than figuring it out by looking at the routing table. The socket is closed after calling getsockname.
Note that a UDP connect doesn't actually send any packet.
In the failure case all the ephemeral ports net.ipv4.ip_local_port_range were in use so that the connect() could not find a local port to bind.
Diagnostic Steps
Count the sockets with the netstat or ss:
# netstat -u | grep udp | wc -l
232
# ss -u | grep -v State | wc -l
232
Compare the count to the port range.
# sysctl net.ipv4.ip_local_port_range; sysctl net.ipv4.ip_local_port_range | awk '{print $3 " " $4}' | while read l u; do echo "$u - $l = " $(($u - $l + 1)); echo; done
net.ipv4.ip_local_port_range = 32769 33000
33000 - 32769 = 232
Of course, it is possible that many of these ports will not be within the range then have a look at them but the count is a good first pass. If the count is below the number in the range then this is not the problem.
- Check the
ip_local_reserved_portsparameter, if the range overlaps entirely or consumes a vast number of ports declared inip_local_port_rangethen it can cause the issue.
#sysctl -a |grep -i local_reserved
net.ipv4.ip_local_reserved_ports=32768-60999
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments