Symptoms
- Websites periodically show errors:
502 Bad Gateway
or
Can't reach site
- Errors in
/var/www/vhosts/example.com/logs/proxy_error_log:[crit] 7910#0: *20853273 connect() to  203.0.113.2:7080 failed (99: Cannot assign requested address) while connecting to upstream, client:  203.0.113.2, server: example.com, request: "GET /index.php HTTP/1.1", upstream: "http:// 203.0.113.2:7080/index.php", host: "example.com"
- The port range for TCP connections is 28231 (the difference between minimum and maximum ports):
# cat /proc/sys/net/ipv4/ip_local_port_range
32768 60999 - Current connections count is the following:
# netstat -anp | awk ‘$1 ~/tcp/ {print $6}’ | sort | uniq -c
574 ESTABLISHED
15 FIN_WAIT1
43 FIN_WAIT2
14 LAST_ACK
151 LISTEN
9 SYN_RECV
1 SYN_SENT
47144 TIME_WAIT# ss -s
Total: 3334 (kernel 3731)
TCP: 49011 (estab 501, closed 48336, orphaned 16, synrecv 0, timewait 48333/0), ports 0
Cause
Lack of local TCP ports.
Detailed cause explanation
Every TCP connection uses unique combination of source IP, source port and destination IP. So, for every ‘src_ip – dst_ip – dst_port’ the system has limited amount of src_port numbers. In peak moments, there is a big number of TCP sessions on the server (due to huge amount of connections in TIME_WAIT state). In these peak moments, the number of available port numbers can be exhausted. Due to this, nginx cannot establish new connections until some port numbers become available again.
Resolution
Apply one of the following solutions:Â
Solution I
Move some websites to other IP address:
Solution II
- Log in to Plesk server via SSH
- Increase the ports range, for example:
# echo 20000 60999 > /proc/sys/net/ipv4/ip_local_port_range
# sysctl -w
-
Optimize the TCP ports usage:
# echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout  Â
# echo 1 > /proc/sys/net/ipv4/tcp_tw_recycleÂ
# echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse Â# sysctl -w
with