Netstat-na View a large number of time_wait solutions (modify kernel mechanism)

# Netstat-an|awk '/tcp/{print $6} ' |sort|uniq-c

     16 closing    established    298 fin_wait1     13 Fin_wait2&nbs P     9 last_ack      7 listen    103 syn_recv   5204 time_wait Status: Description closed: No connection Yes Active or in progress listen: The server is waiting to enter the call SYN_RECV: A connection request has arrived, wait for confirmation Syn_sent: application has started, open a connection established: Normal data transfer status Fin_ WAIT1: The app says it's done Fin_wait2: the other side has agreed to release itmed_wait: Wait for all the packets to die closing: Both sides simultaneously try to close the time_wait: the other side has initialized a release last_ack: Wait for all the packets to die    if the system has a large number of time_wait state connections, by adjusting the kernel parameters to resolve, vim/etc/sysctl.conf edit the file, add the following: Net.ipv4.tcp_syncookies = 1net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_tw_recycle = 1net.ipv4.tcp_fin_timeout = 30 and then executes the/sbin/sysctl-p to let the parameters take effect.   See more kernel parameter/proc/sys/:  net.ipv4.tcp_syncookies = 1 means that Syn cookies are turned on. When a SYN wait queue overflow occurs, cookies are enabled to protect against a small number of SYN attacks, the default is 0, which means close;  net.ipv4.tcp_tw_reuse = 1 means turn on reuse. Allows the time-wait sockets to be reused for new TCP connections, which defaults to 0, which means shutdown,  net.ipv4.tcp_tw_recycle = 1 for fast recycling of time-wait sockets on TCP connections, default to 0, Indicates close.  net.ipv4.tcp_fin_timeout Modify system default timeout time   belowAttach the meaning of the time_wait status:  after a TCP/IP connection is established between the client and the server, the port   status of the server-side connection is time_wait  Are all sockets that perform an active shutdown enter the TIME_WAIT state?   Is there a situation where the active shut-down socket goes directly into the closed state?   Active shut-off party will enter the TIME_WAIT state to stay 2MSL (max segment lifetime) time after the last ACK is sent this is a TCP/IP essential, that is, "solution" is not.   That is, the TCP/IP designer was originally designed to do so   there are two main reasons  1. Prevent packets from the last connection, re-appear after getting lost, affect new connections (after 2MSL, all duplicates in the last connection will disappear)  2. A reliable shutdown of the TCP connection   the last ACK (FIN) sent at the active shutdown, which is likely to be lost, then the passive side will resend fin, and if the active side is in the CLOSED state, it will respond to RST instead of ACK. So the active side should be in the TIME_WAIT state, but not CLOSED.  time_wait does not occupy a significant amount of resources unless it is under attack.   Also, if one party send or recv timeout, it will go directly to CLOSED status    reprinted from:https://www.cnblogs.com/sidesky/p/6844565.html   

Netstat-na See a number of time_wait solutions (modifying the kernel mechanism)