For fin_wait_2 :-
There is an ndd parameter which is called
tcp_fin_wait_2_timeout
This parameter sets the fin_wait_2 timer on 11.x to stop idle fin_wait_2 connections. It will not survive a reboot, so modification of the /etc/rc.config.d/nddconf is a necessary.
tcp_fin_wait_2_timeout specifies an interval, in milliseconds, after which the TCP connection will be unconditionally killed. An appropriate reset segment will be sent when the connection is killed.
The default for tcp_fin_wait_2_timeout is 0, which allows the connection to live forever, as long as the far side continues to answer keepalives.
This parameter sets the fin_wait_2 timer on 11.x to stop idle fin_wait_2 connections. It will not survive a reboot, so modification of the /etc/rc.config.d/nddconf is a necessary.
tcp_fin_wait_2_timeout specifies an interval, in milliseconds, after which the TCP connection will be unconditionally killed. An appropriate reset segment will be sent when the connection is killed.
The default for tcp_fin_wait_2_timeout is 0, which allows the connection to live forever, as long as the far side continues to answer keepalives.
The current value is 0 , which allows the connection to live forever.
To enable the tcp_fin_wait_2 timer to timeout do the following:
1. To get the current value (0 is turned off):
# ndd -get /dev/tcp tcp_fin_wait_2_timeout
0
2. To set the value to 10 minutes:
# ndd -set /dev/tcp tcp_fin_wait_2_timeout 600000
3. Check the setting:
# ndd -get /dev/tcp tcp_fin_wait_2_timeout
600000
Note: (1000 ms in 1 second) * (60 seconds) * (10 minutes)= 600000 ms.
10 minutes is just an example but probably a good selection. Using a setting less than 10 minutes is not recommended by HP and may cause data loss with half-closed TCP connections.
Using the ndd on command line will not survive a reboot, so you need to update
/etc/rc.config.d/nddconf , with the parameter so that it will be set at boot time.
TRANSPORT_NAME[10]=tcp
NDD_NAME[10]=tcp_fin_wait_2_timeout
NDD_VALUE[10]=600000
Use this commend to read the nddconf file and implement the ndd's:
# ndd -c
For Time_Wait:-
Look at the value with this command:
ndd -get /dev/tcp tcp_time_wait_interval
60000
Set the value with this command:
ndd -set /dev/tcp tcp_time_wait_interval xxxxx
where xxxxx is the desired number of milliseconds. This setting does not persist across a root, so will need to be added to a startup script.
Important: Be careful with the tcp_time_wait_interval setting for the reason described below.
This timer is in place and is part of the TCP Protocol Specification to prevent a particular problem. A TCP connection is made unique by these four numbers:
local IP + local TCP port + remote IP + remote TCP port
If a packet is sent out into the network with these four numbers and the user then tears down the connection and REUSES the same 4-tupple for a NEW connection, then when the packet from the old connection comes
in off the wire, it will overwrite the new connection. Thus, we have the TIME_WAIT state to prevent old connection numbers from being reused before all data is 'flushed' off the network.
ndd -get /dev/tcp tcp_time_wait_interval
60000
Set the value with this command:
ndd -set /dev/tcp tcp_time_wait_interval xxxxx
where xxxxx is the desired number of milliseconds. This setting does not persist across a root, so will need to be added to a startup script.
Important: Be careful with the tcp_time_wait_interval setting for the reason described below.
This timer is in place and is part of the TCP Protocol Specification to prevent a particular problem. A TCP connection is made unique by these four numbers:
local IP + local TCP port + remote IP + remote TCP port
If a packet is sent out into the network with these four numbers and the user then tears down the connection and REUSES the same 4-tupple for a NEW connection, then when the packet from the old connection comes
in off the wire, it will overwrite the new connection. Thus, we have the TIME_WAIT state to prevent old connection numbers from being reused before all data is 'flushed' off the network.
Using the ndd on command line will not survive a reboot, so you need to update
/etc/rc.config.d/nddconf, with the parameter so that it will be set at boot time.
TRANSPORT_NAME[2]=tcp
# NDD_NAME[2]=tcp_time_wait_interval
# NDD_VALUE[2]=60000
Use this commend to read the nddconf file and
implement the ndd's:
# ndd -c
# ndd -c
To
release the current fin_wait and time_wait hung connections we recommends to
bouncing the Server/Apps/DB after confirming the downtime window.
