clocker1996
01-07-2002, 03:10 AM
Does anyone know when this actually closes
or finsihes
or disappears from netstat
or finsihes
or disappears from netstat
 | View Full Version : Close_wait allan 01-07-2002, 02:19 PM Originally posted by clocker1996 Does anyone know when this actually closes or finsihes or disappears from netstat Basically they will close whenever the KEEP-ALIVE variable expires. The length of the keep-alive variable varies from OS to OS. In Windows it is a registry setting. On Linux boxes the default is 2 hours, you can change the value in: /proc/sys/net/ipv4/tcp_keepalive_time clocker1996 01-13-2002, 10:12 AM so your telling me for 2 hours it will say CLOSE_WAIT unless i change that value? in netstat? Sorry i just want to make sure we are on the same page clocker1996 01-13-2002, 10:14 AM Also Would it be a bad idea to change that to 5 seconds allan 01-13-2002, 10:22 AM Originally posted by clocker1996 so your telling me for 2 hours it will say CLOSE_WAIT unless i change that value? in netstat? Correct, and I would not change that value to 5 seconds. I've worked with customer who have had problems with close_wait (mostly NT customers). Microsoft does not recommend setting this value to less than 30 seconds. I've never seen a recommendation for Unix/Linux setting, but I assume it would be about the same. astanley 01-13-2002, 12:38 PM One thing to note, this state does not remain for all connections that have been closed. TCP is a fairly efficient protocol, and requires ACK/SEQ/FIN messages in order to work properly. At the end of a TCP session the client or server sends a FIN command, and at the point the connection goes into a CLOSE_WAIT state. Once an ACK is received from the other end...the connection is closed out by the OS. My point is that this state remains only on connections that have closed abnormally or for some other reason a FIN was never sent from the client. The timeout value prevents the OS from having a backlog of CLOSE_WAIT processes that would eventually hog up all available ports on the server, and cause a DoS. -Adam clocker1996 01-13-2002, 01:44 PM so what would be a good recommendation to set that value to? or leave it? allan 01-13-2002, 02:20 PM Originally posted by clocker1996 so what would be a good recommendation to set that value to? or leave it? Leave it, unless you think the number of open sessions is causing a performance degredation. In which case, I would stedily lower it (ie 90 minutes, 60 minutes, etc). priyadi 01-13-2002, 02:35 PM Originally posted by clocker1996 Also Would it be a bad idea to change that to 5 seconds Bad idea. With that setting, when you telnet to the box and don't type anything for 5 seconds, you'll get disconnected. SSH/telnet clients send keepalive for every 1 minute to 30 minutes (never confirmed myself though), so you will want tcp keepalive settings above that number. |