Using TCP keepalive under Linux

Linux has built-in support for keepalive. You need to enable TCP/IP networking in order to use it. You also need PROCFS support and sysctl support to being able to configure the kernel parameters at runtime .

The procedures involving keepalive use three User-driven variables:

Tcp_keepalive_time

The interval between the last data packet sent (simple ACKs is not considered data) and the first keepalive probe; After the connection are marked to need keepalive, this counter are not used any further

Tcp_keepalive_intvl

The interval between subsequential keepalive probes, regardless of what the connection have exchanged in the meantime

Tcp_keepalive_probes

The number of unacknowledged probes to send before considering the connection dead and notifying the application layer

Remember that keepalive support, even if configured in the kernel, was not the default behavior in Linux. Programs must request KeepAlive control for their sockets using the setsockoptinterface. There is relatively few programs implementing KeepAlive, but can easily add keepalive support for most of them follow ing the instructions explained later in this document.

3.1. Configuring the Kernel

There is ways to configure keepalive parameters inside the kernel via userspace commands:

• Procfs Interface

• Sysctl Interface

We mainly discuss how this was accomplished on the PROCFS interface because it's the most used, recommended and the easiest To understand. The Sysctl interface, particularly regarding the sysctl(2) Syscall and not the sysctl(8) t Ool, is only here for the purpose of background knowledge.

3.1.1. TheProcfsInterface

This interface requires both sysctl and Procfs to being built into the kernel, and procfs mounted Somewhere in the filesystem (usually to /proc, as in the examples below). You can read the values for the actual parameters by ' catting ' files in /proc/sys/net/ipv4/ directory:

cat/proc/sys/net/ipv4/tcp_keepalive_time 7200 cat/proc/sys/net/ipv4/tcp_keepalive_intvl cat/proc/ Sys/net/ipv4/tcp_keepalive_probes 9

The first and parameters are expressed in seconds, and the last is the pure number. This means is the keepalive routines wait for both hours (7200 secs) before sending the first KeepAlive probe, and then R Esend it every seconds. If No ACK response is received for nine consecutive times, the connection is marked as broken.

Modifying this value was straightforward:you need to write new values into the files. Suppose decide to configure the host so that KeepAlive starts after ten minutes of channel inactivity, and then send P Robes in intervals of one minute. Because of the instability of our network trunks and the low value of the interval, suppose you also want to increase The number of probes to 20.

Here's how we would change the settings:

echo >/proc/sys/net/ipv4/tcp_keepalive_time echo >/proc/sys/net/ipv4/tcp_ KEEPALIVE_INTVLecho >/proc/sys/net/ipv4/tcp_keepalive_probes

To be sure this all succeeds, recheck the files and confirm these new values is showing in place of the old ones.

Remember that procfs handles special files, and you cannot perform any sort of operation on them because they ' re Just an interface within the kernel space, not real files, so try your scripts before using them, and try to use simple AC Cess methods as in the examples shown earlier.

You can access the interface through the sysctl(8) tool, specifying what do you want to read or WRITE.

Sysctl \net.ipv4.tcp_keepalive_time \net.ipv4.tcp_ KEEPALIVE_INTVL \ net.ipv4.tcp_keepalive_probes net.ipv4.tcp_ Keepalive_time = 7200 NET.IPV4.TCP_KEEPALIVE_INTVL = Net.ipv4.tcp_keepalive_probes = 9

Note that sysctl names is very close to procfs paths. Write is performed using the- w switch of sysctl (8):

Sysctl-w \net.ipv4.tcp_keepalive_time=600 \net.ipv4.tcp_ keepalive_intvl=60 \ net.ipv4.tcp_keepalive_probes=20 net.ipv4.tcp_ Keepalive_time = NET.IPV4.TCP_KEEPALIVE_INTVL = Net.ipv4.tcp_keepalive_probes =

Note that sysctl (8) doesn ' t with sysctl(2) Syscall, but reads and writes directly in the procfs subtree, so you'll need PROCFS enabled in the kernel and mounted in the filesystem, just as you wo Uld if you directly accessed the files within the Procfs interface. Sysctl(8) is just a different the same thing.

3.1.2. TheSysctlInterface

There is another-to access kernel variables: sysctl(2) syscall. It can be useful if you don ' t has procfs available because the communication with the kernel is performed dire Ctly via Syscall and not through the procfs subtree. There is currently no program that wraps this syscall (remember , Sysctl (8) doesn ' t use it).

For more details on the using sysctl(2) refer to the manpage.

3.2. Making changes persistent to reboot

There is several ways to reconfigure your system every time it boots up. First, remember that every Linux distribution have its own set of the Init scripts called by Init (8). The most common configurations include the /etc/rc.d/ directory, or the alternative, /etc/init.d/. In any case, you can set the parameters in any of the startup scripts, because KeepAlive rereads the values every time its Procedures need them. If you change the value of TCP_KEEPALIVE_INTVL when the connection are still up, the kernel would use the new VA Lue going forward.

There is three spots where the initialization commands should logically being placed:the first is where your network is con Figured, the second is therc.local script, usually included in all distributions, which was known as the place where User Configuration setups was done. The third place is already exist in your system. Referring back to the  sysctl (8) tool, you can see that the- p switch loads settings from the /etc/sysctl.conf C onfiguration file. In many cases your Init script already performs the sysctl - p (You can "grep" it in the Configuratio N Directory for confirmation), and so just has to add the lines in /etc/sysctl.conf to make them load at EV ery boot. For more information on the syntax of sysctl.conf(5), refer to the manpage

Using TCP keepalive under Linux