Web node discovers a large number of 3306-Port time_wait Links

Discover connections with a large number of time_wait states
TCP 0 0 127.0.0.1:3306 127.0.0.1:41378 time_wait
TCP 0 0 127.0.0.1:3306 127.0.0.1:41379 time_wait
TCP 0 0 127.0.0.1:3306 127.0.0.1:39352 time_wait
TCP 0 0 127.0.0.1:3306 127.0.0.1:39350 time_wait
TCP 0 0 127.0.0.1:3306 127.0.0.1:35763 time_wait
TCP 0 0 127.0.0.1:3306 127.0.0.1:39372 time_wait
TCP 0 0 127.0.0.1:3306 127.0.0.1:39373 time_wait
TCP 0 0 127.0.0.1:3306 127.0.0.1:41176 time_wait



Resolve by adjusting kernel parameters
Vi/etc/sysctl.conf


Edit the file and add the following:
Net.ipv4.tcp_syncookies = 1
Net.ipv4.tcp_tw_reuse = 1
Net.ipv4.tcp_tw_recycle = 1
Net.ipv4.tcp_fin_timeout = 30

Then execute/sbin/sysctl-p to let the parameters take effect.

Net.ipv4.tcp_syncookies = 1 means that Syn Cookies are turned on. When there is a SYN wait queue overflow, cookies are enabled to protect against a small number of SYN attacks, the default is 0, which means close;


Net.ipv4.tcp_tw_reuse = 1 means turn on reuse. Allows time-wait sockets to be re-used for new TCP connections, which defaults to 0, which means shutdown;


Net.ipv4.tcp_tw_recycle = 1 means a fast recycle of time-wait sockets in the TCP connection is turned on, and the default is 0, which means shutdown.


Net.ipv4.tcp_fin_timeout Modify the default timeout time for the system

After you modify, then use the command to view the number of time_wait connections
Netstat-ae|grep "Time_wait" |wc–l


found that a large number of time_wait no longer exist, MySQL process occupancy rate quickly down, site access is normal.
However, many times, there is a large number of time_wait state connections, often because the site program code is not used Mysql.colse (), resulting in a large number of MySQL time_wait.

If your server is a Windows platform, you can modify the following registry key values:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpTimedWaitDelay" =dword:0000001e


This value is the maximum time for the TIME_WAIT state. The default is 240 seconds, with a minimum of 30 seconds and a maximum of 300 seconds. Recommended for 30 seconds.

Comments:
（
The 1,tcp end process is as follows:


Server Client


--------------FIN--------------> Server:fin_wait_1


<-------------ACK---------------client:close_wait server:fin_wait_2


<-------------fin---------------client is closed after Fin is issued


--------------ack-------------> server enters time_wait state after an ACK is issued


The default time for time_wait is twice times the MLS, which is 240 seconds. MLS is the longest surviving time on the web for TCP tablets.
The primary function of the time_wait is to ensure that the closed TCP port is not immediately used. Because when there is a delay in the network, it is possible that when a port is shut down, there are some retransmission TCP slices in the network that are being sent to this port, and if the port immediately establishes a new TCP connection, it may be affected. So use twice times the MSL time to restrict the port from being used immediately.


The problem now is that 4 minutes is a bit long.
So, time_wait the impact, I think, first each TCP connection has a data structure, called TCP Control block.time_wait when this data structure is not released. So when there are too many TCP connections, the memory may be occupied a lot.



2,to valorz:time_wait status is also called 2MSL wait state, not 2MLS, clerical error!


The maximum time per TCP packet within the network, called the MSL (Maximum Segment Lifetime), is similar to the TTL of the IP packet.


RFC793 points out that the MSL value is 2 minutes, but in the actual implementation, the commonly used values are the following three kinds: 30 seconds, 1 minutes, 2 minutes.


Note A problem, the general situation that enters the TIME_WAIT state is the client, most of the server side generally performs passive shutdown, does not enter the TIME_WAIT state, when the server side shuts down a service and then restarts, it will enter the TIME_WAIT state.


Example:
1. The client connects to the server's 80 service, at which point the client enables a local port to access the server 80, closes the connection after the access is complete, and immediately accesses the server 80 again, when the client enables another local port instead of the local port that was just used. The reason is that the connection is still in the time_wait state.

2. The client connects to the server's 80 service, when the server shuts down 80 ports and immediately restarts the 80-port service again, it may not start successfully, because the server connection is still in the time_wait state.

Windows

TcpTimedWaitDelay and MaxUserPort settings
Description: Determines the time that TCP/IP must pass before it can release a closed connection and reuse its resources.

This interval between closing and releasing is known as the time_wait state or twice times the maximum segment life cycle (2MSL) state.

During this time, reopening the connection to the client and the server costs less than establishing a new connection.

Reducing this value allows TCP/IP to release closed connections more quickly, providing more resources for new connections. Adjust this parameter if you are running an application that needs to quickly release and create new connections, and because there are many connections in time_wait that cause low throughput.

How to view or set: Use the regedit command to access the Hkey_local_machine/system/currentcontrolset/services/tcpip/parameters registry subkey and create a named The new REG_DWORD value of the TcpTimedWaitDelay.

Set this value to decimal 30, which is a hexadecimal 0x0000001e.

This value sets the wait time to 30 seconds.

Stop and restart the system. Default value: 0xF0, which sets the wait time to 240 seconds (4 minutes).

Recommended value: The minimum value is 0x1E, which sets the wait time to 30 seconds.

MaxUserPort Description: Determines the highest port number that TCP/IP can specify when an application requests an available user port from the system.

How to view or set: Use the regedit command to access the Hkey_local_machine/system/currentcontrolset/services/tcpip/parameters registry subkey and create a named The new REG_DWORD value of the MaxUserPort.

Stop and restart the system.

Default value: No recommended value: at least decimal 32768.

Note: When you tune WebSphere application Server on a Windows NT or Windows 2000 operating system, both parameters are used.

If you can not recover, go to the DBA to confirm that the database has no special operation!!

Web node discovers a large number of 3306-Port time_wait Links