Web site connection stuck in FIN_WAIT1 FIN_WAIT2 states

I am trying to create a server where multiple clients have to open a website and send data. But it looks like many clients are unable to establish a connection.

On the server machine, when I do lsof or netstat -an, I see that there are many connections shown in states FIN_WAIT1 and FIN_WAIT2 other than those in state ESTABLISHED. Currently the ulimit for open files is 1024. Can connections stuck in these two states be counted in the open file list? If so, the 1024 limit will be exhausted very soon.

/proc/sys/net/ipv4/tcp_orphan_retries is equal to 0, which seems equivalent to 8: https://serverfault.com/questions/274212/what-does-tcp-orphan-retries-set-to-0-mean/408882#408882

I have consulted this link: https://serverfault.com/questions/7689/how-do-i-get-rid-of-sockets-in-fin-wait1-state

But I don't really understand. I have read about these two states on the internet and I understand that they are part of the protocol, but I would prefer that connections not get stuck in states in which they are not useful. Can I do it? Should I change the ulimit? But this simply means that the problem will occur at time x + y instead of x.

+3




1 answer


Whenever you see a FIN_WAIT state or some kind of pending state, we often refer to it as a 1/2 session. The TCP stack follows a strict protocol for ordering requests and responses. It is because of these rules that it knows how and when, and how hard, to try to recover by sending replays. In any wait state, the stack knows that it is waiting for something. There are only two things that will satisfy this condition: 1) Some kind of correct answer or 2) Timeout.

Of course, the best way is to get the right answer. Work needs to be done to figure out why there are so many expectations. This sometimes happens due to unstable switching, routing, and other network activities. However, this could also be the result of a denial of service attack as they don't care about the state. The only way to release the required resources at the application level is when the application regains control. TCP only gives control when 1) the worker thread is normal, or 2) a timeout or other abnormal condition has occurred. For example, FINs and RSTs can be sent out of sequence at any time. Both believe they have surpassed any other state. Be aware that not all clients or hosts act in the same way as we talk about implementing a TCP stack.



Some, many, or more TCP Stack options may be configured depending on the system. There are configurable options for timeout values on Pending as well as RST Pending. Perhaps you can tweak them to solve your problem.

+2
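An added example, not part of the original question or answer: on Linux, /proc/net/tcp lists every TCP socket with its state code and owning inode, and an inode of 0 marks an orphaned socket that the application has already closed, so it no longer occupies a file descriptor. The sketch below counts sockets per state, separates FIN_WAIT sockets that still hold a descriptor from orphans, and groups them by peer; the sample rows, addresses and inode numbers are constructed, and the address decoding assumes a little-endian host.

```python
import socket
import struct
from collections import Counter

# "st" column codes in /proc/net/tcp (Linux include/net/tcp_states.h).
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}

# Constructed sample in /proc/net/tcp layout (documentation addresses, made-up inodes).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 010200C0:0050 0A7100CB:C350 01 00000000:00000000 00:00000000 00000000    33        0 20002
   2: 010200C0:0050 0A7100CB:C351 04 00000001:00000000 01:00000014 00000003     0        0 0
   3: 010200C0:0050 0A7100CB:C352 04 00000001:00000000 01:00000014 00000005     0        0 0
   4: 010200C0:0050 0B7100CB:C353 05 00000000:00000000 03:000005DC 00000000     0        0 0
   5: 010200C0:0050 076433C6:C354 05 00000000:00000000 00:00000000 00000000    33        0 20003
   6: 010200C0:0050 076433C6:C355 06 00000000:00000000 03:00000BB8 00000000     0        0 0
"""


def parse_proc_net_tcp(text):
    """Return one dict per socket: state name, peer IPv4 address, owning inode."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) < 10:
            continue
        ip_hex = f[2].split(":")[0]
        # The kernel prints the address as a host-order integer; "<I" assumes little-endian.
        peer = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
        rows.append({"state": TCP_STATES.get(f[3], f[3]), "peer": peer, "inode": int(f[9])})
    return rows


def summarize(rows):
    """Count states, and split FIN_WAIT sockets into orphaned vs. still holding an fd."""
    states = Counter(r["state"] for r in rows)
    fin = [r for r in rows if r["state"] in ("FIN_WAIT1", "FIN_WAIT2")]
    orphaned = sum(1 for r in fin if r["inode"] == 0)   # inode 0: no descriptor attached
    by_peer = Counter(r["peer"] for r in fin)           # one peer dominating is worth a look
    return states, orphaned, len(fin) - orphaned, by_peer


if __name__ == "__main__":
    states, orphaned, holding_fd, by_peer = summarize(parse_proc_net_tcp(SAMPLE))
    print(dict(states), orphaned, holding_fd, by_peer.most_common(3))
```

To run it against a live server, pass the contents of /proc/net/tcp to parse_proc_net_tcp instead of SAMPLE; IPv6 sockets are listed separately in /proc/net/tcp6 and are not handled here.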








