RHEL : How to deal with “CLOSE_WAIT” and “TIME_WAIT” connection

RHEL : How to deal with “CLOSE_WAIT” and “TIME_WAIT” connection

 
Linux How to Document

CLOSE_WAIT is the state for the TCP connection after the remote side has requested a shut down(FIN), and the TCP connection is waiting for the local application to close the socket. There is no timeout for a thread in CLOSE_WAIT state. So need to find out why the receiving application is not doing a proper close() call on the socket

 

 
 
 
 
For Example look at the following netstat output:
 
# netstat -a | grep dcd
      *.dcd               *.*                0      0     0      0 LISTEN
support.dcd         troppus.774           5840      0 10124      0 CLOSE_WAIT
support.dcd         troppus.638           5840      0 10124      0 CLOSE_WAIT
support.dcd         troppus.818           5840      0 10124      0 CLOSE_WAIT
support.dcd         troppus.782           5840      0 10124      0 CLOSE_WAIT
From the about output , you can see several connection are in CLOSE_WAIT  State.

 

Connection Flow for TCP Connection that leads to CLOSE_WAIT State

 

tcp_close_1
 

How do we Close the CLOSE_WAIT connections?

 
As of now , there is no reasonable way to clear these connections without doing network restart or server reboot.
 

::: What is TIME_WAIT Connection?

 
TIME-WAIT – represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request. The Connections enter into TIME_WAIT status only during the condition when too many clients connections are established in too short period of time and each clients disconnect the connection quickly
 
Red Hat Enterprise Linux set this value as 60 seconds in the code level. It’s not changeable, so we don’t have an option on the command line.
 

How do we Reduce the TIME_WAIT Sockets?

 
Below Two related parameter could help us to reduce TIME_WAIT sockets, but you have to you have to tune them only on expert advice who knows your environment better.
 
tcp_tw_recycle – BOOLEAN  – 
 Enable fast recycling TIME-WAIT sockets. Default value is 0. Enabling this option is not recommended since this causes problems when working with NAT(Network Address Translation).
tcp_tw_reuse – BOOLEAN
 Allow to reuse TIME-WAIT sockets for new connections when it is safe from protocol viewpoint. Default value is 0.
 

How do we activate it?

 Add following lines into /etc/sysctl.conf.
 
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
 
After adding that options, please execute the following command to apply the above changes.
 
#sysctl -p
5 (3)
Article Rating (3 Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
List usernames instead of uids with the ps command for long usernames
Viewed 1474 times since Wed, Jul 25, 2018
SSL HowTo: Decode CSR
Viewed 2690 times since Mon, Feb 18, 2019
Use inotify-tools on CentOS 7 or RHEL 7 to watch files and directories for events
Viewed 12784 times since Fri, Jul 27, 2018
linux ssh How to Hide the OpenSSH Version Details when Telnet to Port 22
Viewed 2556 times since Wed, Apr 22, 2020
RHEL: XFS basic operations
Viewed 14384 times since Sat, Jun 2, 2018
debian How to Upgrade Debian 8 Jessie to Debian 9 Stretch
Viewed 1679 times since Sun, Sep 23, 2018
Szybkie sprawdzenie zewnętrznego adresu IP i hosta
Viewed 2723 times since Thu, May 24, 2018
Linux - How to get Memory information
Viewed 1262 times since Fri, Jun 8, 2018
Linux Health Check Commands
Viewed 2265 times since Fri, Jun 8, 2018
LVM: Extend SWAP size by growing existing Logical Volume
Viewed 1849 times since Sat, Jun 2, 2018