Time_Wait connection is not released, resulting in failure to access the external network

Problem Description

When you can ping the external network on the Windows instance, but cannot access the external network using a browser, the loading time for accessing the external network is too long, or the application networking on the Windows instance is abnormal, in the CMD command prompt of the Windows instance, execute netstat - An |find "TIME_WAIT" /c command, found that there are a large number of TCP connections in the TIME_WAIT state, the example is as follows: View time_wait connections

Problem Causes

For Windows operating systems starting from Windows Server 2008, the default number of dynamic ports is 16384 (starting from 49152 and ending at 65536). Since the TCP default Time Wait Delay time is 4 minutes, if there are a large number of active connections in the system, it will be in the Time_Wait state for a long time after the end and occupy a large number of ports, resulting in new connections or applications appearing due to no port usage abnormal.

Solution

Note The following steps use Windows Server 2012 R2 as an example, and the actual operation depends on your actual Windows instance operating system.

1. Use VNC to connect to the Windows instance.

2. Open the CMD command prompt.

Click the Start icon icon in the lower left corner of the desktop, and then click the Search icon icon.

b. Enter cmd in the search box. Click on Command Prompt

c. Click Command Prompt.

Enter the command prompt. go to command prompt

3. Execute the following command to view the current dynamic port configuration.

netsh int ipv4 show dynamicport tcp

The following display shows that the number of dynamic ports is 16384 (starting from 49152 and ending at 65536).

4. Run the following command to increase the number of dynamic ports.

netsh int ipv4 set dynamicport tcp start=1025 num=60000
Note The start and num parameters indicate the starting port and the number of ports, and you need to adjust the parameter values according to the actual situation.

The output is as follows, indicating that the number of dynamic ports has increased to 60000 (starting from 1025 and ending at 61025).

5. Re-access the external network or connect to the application.

• The access is successful, and the problem is solved.

• If the access fails, go to the next step and modify the registry to reduce the Time Wait time.

6. If increasing the number of dynamic ports still cannot completely solve the problem, you can reduce the Time Wait time by modifying the registry. The minimum supported setting is 30 seconds. The specific operations are as follows:

Important In order to avoid operating system problems or data loss caused by misoperation of the registry, please create a snapshot of the system disk and data disk before operating the registry, and you need to restart the Windows instance after the operation to make the modification take effect. The specific operation is as follows:

• To create a snapshot, see Create a cloud disk snapshot.

• Restart the Windows instance, see Restarting an Instance.

a. Open Registry Editor.

i. Click the Start icon icon in the lower left corner of the desktop, and then click the Search icon icon.

ii. Type regedit in the search box. Open the Registry Editor

iii. Click regedit.

Enter Registry Editor.

b. Under the Set the value data of the registry key TcpTimedWaitDelay to the decimal value 30.

If the TcpTimedWaitDelay entry does not exist, please create a corresponding registry entry, and then modify the value data. Taking TcpTimedWaitDelay as an example, the operation is as follows:

i. In Registry Editor
Under the path of Right-click the blank area of the registry key, and then select New (N) > DWORD (32-bit) Value. Create new registry key

ii. Type TcpTimedWaitDelay and press Enter.

iii. Right-click the registry key TcpTimedWaitDelay and click Modify. Click Modify Registry Key

iv. In the dialog box, check Decimal and set the Value data to 30. Need to change the value data to 30

v. Click OK.