TCP port state check for an application. - vb.net

I have chat application developed in vb.net . It is used to chat between PC's which are connected in LAN network inside a office. It uses TCP/IP port 25025 to connect to another. The app works fine . But in some cases receiver won't get the chat message.
So I just run the netstat -an command in that pc and find so many tcp ports and its state. Below is a part of it (error case). I have shown only lines which has 25025 in it.
Proto Local Address Foreign Address State
TCP 0.0.0.0:25025 0.0.0.0:0 LISTENING
TCP 192.168.1.79:25025 192.168.1.60:1320 TIME_WAIT
TCP 192.168.1.79:25025 192.168.1.60:1321 TIME_WAIT
TCP 192.168.1.79:58508 192.168.1.60:25025 TIME_WAIT
TCP 192.168.1.79:58509 192.168.1.60:25025 TIME_WAIT
TCP 192.168.1.79:58510 192.168.1.60:25025 TIME_WAIT
TCP 192.168.1.79:58511 192.168.1.60:25025 ESTABLISHED
Then i checked the same command where i didn't get any error with my app (proper working of my app). The output was,
TCP 192.168.1.60:25025 192.168.1.79:58511 ESTABLISHED
So how can i troubleshoot it? What does this so many port with 25025 indicate. In the error case i have lot of 25025 port as above shown. So please help me in understanding this and solve the problem.

Check to see whether the bind() call is succeeding or not. My guess is that when your application binds to the listening port it fails with the error "address already in use". The TIME_WAIT lines in the netstat output suggest this is so. But I'm guessing that your application isn't checking the return value from bind() and is blindly continuing assuming that the call succeeded. This would explain why it never receives anything.
You get "address already in use" if the socket has not completed its shutdown from an previous invocation of the application. Typically it takes about 4 minutes for the socket to be ready to be reused after it has been closed by the application, and in the meantime the state is TIME_WAIT.
You could use the SO_REUSEADDR socket option to avoid this TIME_WAIT period.

Related

Do webservers service all requests using one port?

If a webserver is handling traffic on port 80, each client must establish a connection between itself and the server on that port. Assuming a client maintains the connection, how is the server able to service other clients in parallel?
Does the server immediately kill the connection with a client after a request? Or do webservers dynamically generate new ports for clients to use such that port 80 is free for new connections?
A port is one end of a communication channel.
The server initials sets up a LISTENing port (80 in the case of an HTTPS server). A client creates a port (the operating system will assign a random, available port number to this) and CONNECTs to the listening port. At that point the communications channel is uniquely described by the IP address of the server, port 80 at the server, and the IP address of the client along with port number of the client. If you look at the output of netstat you'll see lots of sockets/ports in various stages of connection:
symcbean#skynet ~ $ netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.202:47206 stackoverflow.com:https ESTABLISHED
tcp 0 1 192.168.1.202:50894 aba1c1ff9d2ec5376.:smtp SYN_SENT
tcp 0 0 192.168.1.202:47210 stackoverflow.com:https ESTABLISHED
tcp 0 0 192.168.1.202:60806 ec2-34-213-90-136:https ESTABLISHED
tcp 0 0 192.168.1.202:51124 151.101.1.69:https ESTABLISHED
tcp 0 0 192.168.1.202:34784 i0.wp.com:https ESTABLISHED
tcp 0 0 192.168.1.202:54082 lhr25s14-in-f10.1:https ESTABLISHED
tcp 0 0 192.168.1.202:38412 172-155-250-212.s:https ESTABLISHED
Exactly how the server handles communicating concurrently on multiple channels varies. I've never come across a server which only handles a single connection at a time.
On the (prefork) Apache webserver, the process which opened the listening socket hands off the connection to a pre-existing child process to deal with. Some servers run as a single process but with multiple threads of execution. Some (such as nginx and lighthttpd) run as a single thread and give their attention to the channel sending data first.

STUN server address is incompatible | Error code=701:

I have installed the TURN server everything in the server code is working fine. no error in the log file. only a warning stating
0: WARNING: I cannot support STUN CHANGE_REQUEST functionality because only one IP address is provided
but the TURN server running on the server.
here is what shows when I check lsof -i :3478
turnserve 999 root 15u IPv4 446811411 0t0 TCP domain.com:stun (LISTEN)
turnserve 999 root 23u IPv4 446811417 0t0 TCP domain:stun (LISTEN)
turnserve 999 root 24u IPv4 446810998 0t0 UDP domain.com:stun
turnserve 999 root 25u IPv4 446810999 0t0 UDP domain.com:stun
when I check STUN in Trickle ICE it throws an errors
The server stun:xxx.xxx.xxx.xxx:3478 returned an error with code=701:
STUN server address is incompatible.
The server stun:xxx.xxx.xxx.xxx:3478 returned an error with code=701:
STUN allocate request timed out.
what's going wrong in this.
Thank you
I think that 701 error is a more generic connectivity error that Trickle ICE uses to indicate it didn't get a binding response back. Run stunclient your.stun.ip.address with the command line tools at www.stunprotocol.org to see if your STUN service is accessible from the outside world.
STUN technically requires being hosted on a device with two IP addresses and two ports. It's typically a command line parameter to specify which IP addresses the server should listen on. But most server implementations can operate on a host with a single IP address.
The second IP address and port on the server is used for STUN client filtering tests to detect what type of NAT is in effect. The client sends a binding request on the server's primary ip and port, but with a change request attribute to have the server respond from the alternate IP address or port. More often than not, this binding request with a change-request attribute fails since NATs will not forward traffic from the other IP/port.
The filtering test is useful for logging what type of NAT the client is on. So that failed connections can be debugged and that success/failure metrics can be correlated to NAT type.
Since most ICE implementations will exchange all available address candidates (local, mapped, and relay), the filtering test isn't very or useful to connectivity establishment.
I'm surprised Trickle ICE is giving you an error. I didn't think WebRTC ever used the changer-request attribute. I just did a Wireshark trace of a Trickle ICE session to stunserver.stunprotocol.org. I don't see the webrtc client setting the change-request attribute in either of the two binding requests it makes.
More details in RFC 5780 Section 3.2
In macOS, I just do so:
> brew install stuntman
when it done
> stunclient stunserver.stunprotocol.org
Binding test: success
Local address: 198.18.0.1:54898
Mapped address: 210.0.158.130:56750
To specify port, just like this:
> stunclient stunserver.stunprotocol.org 3478
Binding test: success
Local address: 198.18.0.1:63061
Mapped address: 210.0.158.130:37126
Have fun!

WAMP is not starting since skype is used once, even after it is uninstalled

I used WAMP in the past without problem.
I needed to use skype for once, so I did and now the Apache service of WAMP won't start. When I test port 80 using the WAMP tools, I get this message:
***** Test which uses port 80 *****
===== Tested by command netstat filtered on port 80 =====
Test for TCP
Port 80 is not found associated with TCP protocol
Test for TCPv6
Port 80 is not found associated with TCP protocol
===== Tested by attempting to open a socket on port 80 =====
Your port 80 seems not actually used.
Unable to initiate a socket connection
Error number: 10061 -
I tried changing the port Skype uses, but this is not possible in the Windows 10 version. I installed Skype Classic and changed the port there, no result. Then changed Apache to port 8080, without result, so I changed it back to 80.
I fully uninstalled both Skype and Skype classic, then I uninstalled WAMP and installed it fresh again. Even after the removal of Skype and resinstallation of WAMP I still get the same error message.
I also tried to kill the tasks using port 80, but the only task I can actually kill is my firefox browser, result of netstat below.
C:\Windows\system32>netstat -aon | findstr :80
TCP 192.168.178.27:49893 93.184.220.29:80 ESTABLISHED 13120
TCP 192.168.178.27:49917 216.58.211.99:80 TIME_WAIT 0
TCP 192.168.178.27:49918 23.208.79.207:80 TIME_WAIT 0
TCP 192.168.178.27:49919 88.221.254.211:80 TIME_WAIT 0
TCP 192.168.178.27:49926 52.85.249.5:80 TIME_WAIT 0
TCP 192.168.178.27:49931 23.208.77.171:80 TIME_WAIT 0
TCP 192.168.178.27:49939 23.208.77.171:80 TIME_WAIT 0
TCP 192.168.178.27:49953 216.58.211.99:80 TIME_WAIT 0
TCP 192.168.178.27:49960 216.58.211.99:80 TIME_WAIT 0
Any help is appreciated.

What are these TCP ports opened by Apache Tomcat?

When I start Tomcat I see the following using netstat (filtered by tomcat PID):
TCP 0.0.0.0:5007 xxxx34793KZ:0 LISTENING
TCP 0.0.0.0:8081 xxxx34793KZ:0 LISTENING
TCP 0.0.0.0:8543 xxxx34793KZ:0 LISTENING
TCP 127.0.0.1:8005 xxxx34793KZ:0 LISTENING
TCP 127.0.0.1:29821 xxxx34793KZ:29822 ESTABLISHED
TCP 127.0.0.1:29822 xxxx34793KZ:29821 ESTABLISHED
TCP 127.0.0.1:29823 xxxx34793KZ:29824 ESTABLISHED
TCP 127.0.0.1:29824 xxxx34793KZ:29823 ESTABLISHED
TCP 127.0.0.1:29830 xxxx34793KZ:29831 ESTABLISHED
TCP 127.0.0.1:29831 xxxx34793KZ:29830 ESTABLISHED
TCP 127.0.0.1:29832 xxxx34793KZ:29833 ESTABLISHED
TCP 127.0.0.1:29833 xxxx34793KZ:29832 ESTABLISHED
TCP 127.0.0.1:29834 xxxx34793KZ:29835 ESTABLISHED
TCP 127.0.0.1:29835 xxxx34793KZ:29834 ESTABLISHED
TCP 127.0.0.1:29836 xxxx34793KZ:29837 ESTABLISHED
TCP 127.0.0.1:29837 xxxx34793KZ:29836 ESTABLISHED
TCP [::]:8081 xxxx34793KZ:0 LISTENING
TCP [::]:8543 xxxx34793KZ:0 LISTENING
Ports 29821-29824 and 29830-29837 are what I'm wondering about.
I have searched the web, tomcat documentation, tomcat source code and any mailing list I can think of (including Stackoverflow) and can find nothing on the purpose of these TCP ports. They come in pairs which implies to me that they are possibly configured to loopback. I'm stumped as to why Tomcat needs these.
Our application that runs on Tomcat gets installed into environments where IT Security is quite robust, so they want to know the reason for every port in use.
Any ideas?

Sniff remote IP port for outgoing data VB

I am trying to monitor a remote IP port for outgoing data.
At the minute I have a TCP port connected which is stuck in a deliberate (almost) infinite loop.
This works, until the tcp connection is broken for any reason.
It just feels better to monitor the remote port for outgoing data, but all the classes/functions I find are for receiving data on a particular port.
Any ideas?