In the Linux kernel, the TIME-WAIT state of TCP/IP lasts for 60 seconds and the period cannot be changed. However, in some scenarios such as when the TCP load is heavy, being able to shorten this period will greatly improve network performance. Therefore, Aliyun Linux 2 has added a kernel interface to the kernel version 4.19.43-13. al7 to change the timeout period of TCP TIME-WAIT. This topic describes how to use the kernel interface.

Background information

By default, the TCP/IP stack keeps the socket open for 60 seconds after an application sends a request to close the socket. This state is the TCP/IP TIME-WAIT state and ensures that data transmission between the server and the client is complete. However, if too many connections are in the TIME-WAIT state, network performance can be compromised. Therefore, Aliyun Linux 2 provides an interface that can change the timeout period of TIME-WAIT and improve network performance in scenarios such as high-concurrency business. The value range of the interface is 1 to 600 seconds. The default value of the timeout period of TIME-WAIT is 60 seconds.

Precautions

Setting a timeout period less than 60 seconds contradicts the quiet time concept of TCP/IP and may result in the system receiving old data as new data or rejecting copied new data as old data. Make adjustments based on the advice of network technicians of Alibaba Cloud. For information about the quiet time of TCP/IP, see IETF RFC 793.

Configuration methods

You can use one of the following methods to change the timeout period of TIME-WAIT. Specify the [$TIME_VALUE] parameter to set a new timeout period for TIME-WAIT.

  • Run the sysctl command to change the timeout period of TIME-WAIT:
    sysctl -w "net.ipv4.tcp_tw_timeout=[$TIME_VALUE]"
  • Run the echo command as the root user and change the timeout period in the /proc/sys/net/ipv4/tcp_tw_timeout interface.
    echo [$TIME_VALUE] > /proc/sys/net/ipv4/tcp_tw_timeout