RHEL : How to deal with “CLOSE_WAIT” and “TIME_WAIT” connection

RHEL : How to deal with “CLOSE_WAIT” and “TIME_WAIT” connection

Linux How to Document

CLOSE_WAIT is the state for the TCP connection after the remote side has requested a shut down(FIN), and the TCP connection is waiting for the local application to close the socket. There is no timeout for a thread in CLOSE_WAIT state. So need to find out why the receiving application is not doing a proper close() call on the socket


For Example look at the following netstat output:
# netstat -a | grep dcd
      *.dcd               *.*                0      0     0      0 LISTEN
support.dcd         troppus.774           5840      0 10124      0 CLOSE_WAIT
support.dcd         troppus.638           5840      0 10124      0 CLOSE_WAIT
support.dcd         troppus.818           5840      0 10124      0 CLOSE_WAIT
support.dcd         troppus.782           5840      0 10124      0 CLOSE_WAIT
From the about output , you can see several connection are in CLOSE_WAIT  State.


Connection Flow for TCP Connection that leads to CLOSE_WAIT State



How do we Close the CLOSE_WAIT connections?

As of now , there is no reasonable way to clear these connections without doing network restart or server reboot.

::: What is TIME_WAIT Connection?

TIME-WAIT – represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request. The Connections enter into TIME_WAIT status only during the condition when too many clients connections are established in too short period of time and each clients disconnect the connection quickly
Red Hat Enterprise Linux set this value as 60 seconds in the code level. It’s not changeable, so we don’t have an option on the command line.

How do we Reduce the TIME_WAIT Sockets?

Below Two related parameter could help us to reduce TIME_WAIT sockets, but you have to you have to tune them only on expert advice who knows your environment better.
tcp_tw_recycle – BOOLEAN  – 
 Enable fast recycling TIME-WAIT sockets. Default value is 0. Enabling this option is not recommended since this causes problems when working with NAT(Network Address Translation).
tcp_tw_reuse – BOOLEAN
 Allow to reuse TIME-WAIT sockets for new connections when it is safe from protocol viewpoint. Default value is 0.

How do we activate it?

 Add following lines into /etc/sysctl.conf.
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
After adding that options, please execute the following command to apply the above changes.
#sysctl -p
5 (2)
Article Rating (2 Votes)
Rate this article
There are no attachments for this article.
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
10 Linux cryptsetup Examples for LUKS Key Management (How to Add, Remove, Change, Reset LUKS encryption Key)
Viewed 2547 times since Tue, Jul 31, 2018
Red Hat 8 How to Set Up Automatic Updates for CentOS 8
Viewed 1513 times since Fri, Sep 25, 2020
WatchDog watchdog.sh script for checking server running
Viewed 3283 times since Tue, Jul 31, 2018
How to automate SSH login with password? ssh autologin
Viewed 1095 times since Fri, Jun 8, 2018
stunnel: Authentication
Viewed 7491 times since Fri, Sep 28, 2018
Use inotify-tools on CentOS 7 or RHEL 7 to watch files and directories for events
Viewed 11176 times since Fri, Jul 27, 2018
OpenSSL: Check If Private Key Matches SSL Certificate & CSR
Viewed 1259 times since Mon, Feb 18, 2019
watchdog How to restart a process out of crontab on a Linux/Unix
Viewed 3763 times since Tue, Jul 31, 2018
How to use yum-cron to automatically update RHEL/CentOS Linux
Viewed 1069 times since Wed, Oct 17, 2018
logrotate Understanding logrotate utility
Viewed 783 times since Sun, Jan 12, 2020