
268 - Configuring TCP KeepAlive Parameters

A Linux server uses the TCP KeepAlive settings to clean up connections from clients that have disconnected
without releasing a license that has been checked out.

You can change the TCP KeepAlive parameter if you need the abandoned license checkouts to be cleaned up more frequently.

The KeepAlive parameter names vary by operating system but generally specify:

    * the interval to wait before probing the idle connection (on most platforms the default is 2 hours)
    * the interval to wait before retrying the probe after an initial failure to respond
    * the maximum number of times to retry the probe

1. CLOSE_WAIT TCP

CLOSE_WAIT indicates that the server has received the first FIN signal from the client and the connection is in the process of being closed.
Such connections sometimes have no associated PID, and their timers seem to have expired.

# netstat -ton | grep CLOSE_WAIT

# netstat -tonp | grep CLOSE_WAIT

2. Show Parameters

# cat /proc/sys/net/ipv4/tcp_fin_timeout
60

# cat /proc/sys/net/ipv4/tcp_keepalive_time
7200

# sysctl -a | grep keep
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_time = 7200

# sysctl net.ipv4.<tcp_parameter>

 * Specified in seconds:
tcp_keepalive_time - wait time before probing the idle connection
tcp_keepalive_intvl - interval between retry probes

tcp_keepalive_probes - maximum number of retry probes (a count, not seconds)

3. Set parameters

To set the value temporarily, until the computer is restarted:

# sysctl -w net.ipv4.<tcp_parameter>=<tcp_value>

To keep the values across restarts, add them to /etc/sysctl.conf:

# vi /etc/sysctl.conf

===================================================

net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_time = 1800

===================================================

* After editing the file, use the following command to apply the new settings.

# sysctl -p
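
An added example, not part of the original page: a shell sketch that computes roughly how long the kernel takes to drop a dead idle peer under the default values and the tuned values shown above, and counts CLOSE_WAIT sockets per owning process from `netstat -tonp` output. The sample output, the addresses and the program name `licsrv` are constructed for illustration.

```shell
#!/bin/sh
# Added example; sample data below is constructed, not captured output.

# Approximate seconds before the kernel drops an idle connection whose peer
# has vanished: tcp_keepalive_time + tcp_keepalive_intvl * tcp_keepalive_probes
keepalive_detect_secs() {
    echo $(( $1 + $2 * $3 ))
}

# Read `netstat -tonp` output on stdin and count CLOSE_WAIT sockets per owner.
# Field 6 is the state; field 7 is PID/Program ("-" when no PID is associated).
close_wait_by_owner() {
    awk '$6 == "CLOSE_WAIT" { n[$7]++ }
         END { for (o in n) print n[o], o }' | sort -k1,1nr -k2,2
}

# Constructed sample (documentation addresses, hypothetical program "licsrv").
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address    Foreign Address      State       PID/Program name Timer
tcp   0      0      192.0.2.10:7000  198.51.100.21:51514  ESTABLISHED 1432/licsrv      keepalive (6931.20/0/0)
tcp   1      0      192.0.2.10:7000  198.51.100.22:40112  CLOSE_WAIT  1432/licsrv      off (0.00/0/0)
tcp   1      0      192.0.2.10:7000  198.51.100.23:40377  CLOSE_WAIT  1432/licsrv      off (0.00/0/0)
tcp   1      0      192.0.2.10:7000  198.51.100.24:38120  CLOSE_WAIT  -                off (0.00/0/0)
EOF
}

echo "defaults (7200/75/9): $(keepalive_detect_secs 7200 75 9) s"
echo "tuned    (1800/30/5): $(keepalive_detect_secs 1800 30 5) s"
echo "CLOSE_WAIT sockets per owner:"
sample_netstat | close_wait_by_owner
```

These sysctl values only apply to sockets on which the application has enabled SO_KEEPALIVE. On a live system, pipe the real `netstat -tonp` output into `close_wait_by_owner` instead of the sample.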

4. TCP/IP Status

CLOSED
Indicates that the server has received an ACK signal from the client and the connection is closed

CLOSE_WAIT
Indicates that the server has received the first FIN signal from the client and the connection is in the process of being closed

So this essentially means that this is a state where the socket is waiting for the application to execute close().

A socket can remain in the CLOSE_WAIT state indefinitely until the application closes it.
Faulty scenarios include a file descriptor leak, where the server does not execute close() on the socket, leading to a pile-up of CLOSE_WAIT sockets.

ESTABLISHED
Indicates that the server received the SYN signal from the client and the session is established

FIN_WAIT_1
Indicates that the connection is still active but not currently being used

FIN_WAIT_2
Indicates that the client just received acknowledgment of the first FIN signal from the server

LAST_ACK
Indicates that the server is in the process of sending its own FIN signal

LISTENING
Indicates that the server is ready to accept a connection

SYN_RECEIVED
Indicates that the server just received a SYN signal from the client

SYN_SEND
Indicates that this particular connection is open and active

TIME_WAIT
Indicates that the client recognizes the connection as still active but not currently being used

 




Story | by Dr. Radut