Netstat weird output

Hello,

did anyone noticed netstat output on istio injected pods? Im running application, that communicates with MySQL and Redis outside of the mesh. Suddenly my application reported Too many connections ... error when communicating with database.

I did a netstat inside not injected pod

/app $ netstat -anp  | grep 3306 
tcp        0      0 100.96.37.166:40894     10.0.2.213:3306         ESTABLISHED 1/node
tcp        0      0 100.96.37.166:41442     10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.37.166:43142     10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.37.166:44014     10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.37.166:44016     10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.37.166:44180     10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.37.166:44182     10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.37.166:44194     10.0.0.191:3306         ESTABLISHED 1/node  

and netstat inside injected pod

/app $ netstat -anp  | grep 3306 
tcp        0      0 100.96.18.37:34462      10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.18.37:34464      10.0.0.191:3306         ESTABLISHED -
tcp        0      0 100.96.18.37:34466      10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.18.37:34468      10.0.0.191:3306         ESTABLISHED -
tcp        0      0 100.96.18.37:34618      10.0.2.213:3306         ESTABLISHED 1/node
tcp        0      0 100.96.18.37:34620      10.0.2.213:3306         ESTABLISHED -
tcp        0      0 100.96.18.37:34744      10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.18.37:34746      10.0.0.191:3306         ESTABLISHED -
tcp        0      0 100.96.18.37:34752      10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.18.37:34754      10.0.0.191:3306         ESTABLISHED -
tcp        0      0 100.96.18.37:34762      10.0.0.191:3306         ESTABLISHED 1/node
tcp        0      0 100.96.18.37:34764      10.0.0.191:3306         ESTABLISHED -
tcp        0      0 100.96.18.37:34766      10.0.0.191:3306         ESTABLISHED 1/node

Same picture is for Redis
So in total injected pods consumes twice more connections than others.

It’s not surprising that there are twice as many connections reported with the proxy injected, but they are not all from your application. There is a connection from your application to the proxy, and then a second connection from the proxy to the remote service.