TCP netstat TIME_WAIT & CLOSE_WAIT

fareast_mzh2025-03-26 16:41

TIME_WAIT is different from CLOSE_WAIT, and it's not necessarily a client-side fault. It happens due to how TCP handles connection termination.

Key Differences

TCP State Cause Who is responsible? Fix/Optimization
CLOSE_WAIT Server didn't close() the socket after client closed it. Server-side issue (socket left open). Ensure close(client_fd); is always called.
TIME_WAIT Server closed the socket first, waiting to ensure the client received the FIN. Normal behavior (not necessarily a problem). Use SO_LINGER or SO_REUSEADDR to mitigate excessive TIME_WAIT.

Why Does TIME_WAIT Happen?

  • When your server calls close(client_fd); , it sends a FIN to the client.
  • If the client follows the normal TCP closure process , it replies with ACK and sends its own FIN, which your server then ACKs.
  • Your server enters TIME_WAIT for 2×MSL (Maximum Segment Lifetime, usually 60s total) to ensure any delayed packets are handled before fully releasing the connection.

Is TIME_WAIT the Client's Fault?

  • If the client closes the connection first , the server goes to CLOSE_WAIT (which we fixed).
  • If the server closes first , TIME_WAIT is expected.
  • Too many TIME_WAIT sockets? It usually means many short-lived connections are being closed quickly.

How to Reduce TIME_WAIT Issues?

  1. Enable SO_REUSEADDR

    • Allows immediate reuse of the same port, even in TIME_WAIT state.
    c 复制代码 
    int opt = 1;
setsockopt(server_fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));

  2. Use SO_LINGER to Force Immediate Closure

    • Not recommended unless necessary, as it can cause packet loss.
    c 复制代码 
    struct linger sl;
sl.l_onoff = 1;  // Enable linger
sl.l_linger = 2; // Close socket after 2 seconds
setsockopt(client_fd, SOL_SOCKET, SO_LINGER, &sl, sizeof(sl));

  3. Keep Connections Open Longer

    • If possible, reuse connections instead of opening/closing frequently.

  4. Tune TCP Stack (sysctl)

    • Reduce TIME_WAIT timeout if necessary:
    sh 复制代码 
    sudo sysctl -p | grep net.ipv4.tcp_fin_timeout  # net.ipv4.tcp_fin_timeout = 2
sysctl -w net.ipv4.tcp_fin_timeout=30

Conclusion

  • CLOSE_WAIT is a server-side issue (fixed by properly closing sockets).
  • TIME_WAIT is expected behavior when the server closes first.
  • Too many TIME_WAIT sockets? Use SO_REUSEADDR , linger options , or connection pooling if appropriate.
相关推荐
北方的流星17 小时前
华三路由器NAT配置
运维·网络·华三
数据法师18 小时前
开源情报收集工具GhostTrack深度测评:IP、手机号、用户名的合规信息查询方案
网络·网络协议·tcp/ip
丑八怪大丑19 小时前
Java网络编程
linux·服务器·网络
想成为优秀工程师的爸爸20 小时前
第三十篇技术笔记:郭大侠学UDS - 人有生老三千疾,望闻问切良方医
网络·笔记·网络协议·tcp/ip·信息与通信
数智工坊21 小时前
【SAM-DETR论文阅读】:基于语义对齐匹配的DETR极速收敛检测框架
网络·论文阅读·人工智能·深度学习·transformer
时空自由民.1 天前
蓝牙协议之GAP协议
linux·服务器·网络
灰子学技术1 天前
Envoy HTTP Connection Manager (HCM) 技术文档
网络·网络协议·http
byoass1 天前
企业云盘与设计软件深度集成:AutoCAD/Revit/SolidWorks插件开发与API集成实战
服务器·网络·数据库·安全·oracle·云计算
智慧光迅AINOPOL1 天前
全光网设备厂家选型参考:评估要点与技术标准说明
网络·全光网解决方案·全光网·酒店全光解决方案·泛住宿全光网解决方案
qq_三哥啊1 天前
【mitmproxy】提取 OpenCode 的 API 接口
网络·代理模式
热门推荐
01要裂开了!ChatGPT要手机号验证了?注册Codex要求验证电话号码怎么办?2026年登陆Codex要手机号验证的解决办法02GitHub 镜像站点03【AI】2026 年具身智能模型和世界模型总结04Codex 接入 DeepSeek API 完整配置文档05裂开!ChatGPT 居然开始要手机号验证,附详细解决方法06零基础教你claude code 接入 deepseek V4072026年AI前瞻:量子AI、具身智能与科学发现的新纪元08在Windows 11上安装Docker的踩坑记录09实测可用|小米 MiMo 百万亿 Token 免费领,开发者速冲10CC-Switch & Claude 基于 Linux 服务器安装使用指南