设置 TIME_WAIT TCP [英] Setting TIME_WAIT TCP
问题描述
我们正在尝试调整通过 TCP 接受消息并使用 TCP 进行某些内部消息传递的应用程序.在负载测试时,我们注意到响应时间显着缩短(然后完全停止),因为向系统发出更多的并发请求.在此期间,我们看到很多 TCP 连接处于 TIME_WAIT 状态,有人建议将 TIME_WAIT 环境变量从默认的 60 秒降低到 30.
We're trying to tune an application that accepts messages via TCP and also uses TCP for some of its internal messaging. While load testing, we noticed that response time degrades significantly (and then stops altogether) as more simultaneous requests are made to the system. During this time, we see a lot of TCP connections in TIME_WAIT status and someone suggested lowering the TIME_WAIT environment variable from it's default 60 seconds to 30.
根据我的理解,TIME_WAIT setting 本质上是设置 TCP 资源在连接关闭后再次可供系统使用的时间.
From what I understand, the TIME_WAIT setting essentially sets the time a TCP resource is made available to the system again after the connection is closed.
我不是网络人",对这些事情知之甚少.我需要该链接帖子中的很多内容,但稍微笨拙"了一点.
I'm not a "network guy" and know very little about these things. I need a lot of what's in that linked post, but "dumbed down" a little.
- 我想我明白为什么
TIME_WAIT值不能设置为 0,但可以安全地设置为 5 吗?10个呢?是什么决定了该值的安全"设置? - 为什么这个值的默认值为 60?我猜比我聪明得多的人有充分的理由选择它作为合理的默认值.
- 关于覆盖此值的潜在风险和好处,我还应该了解什么?
- I think I understand why the
TIME_WAITvalue can't be set to 0, but can it safely be set to 5? What about 10? What determines a "safe" setting for this value? - Why is the default for this value 60? I'm guessing that people a lot smarter than me had good reason for selecting this as a reasonable default.
- What else should I know about the potential risks and benefits of overriding this value?
推荐答案
一个TCP连接由元组指定(源IP、源端口、目的IP、目的端口).
A TCP connection is specified by the tuple (source IP, source port, destination IP, destination port).
会话关闭后出现 TIME_WAIT 状态的原因是,网络中可能仍有活动数据包在发送给您(或来自您的可能会请求某种响应的数据包).如果您要重新创建同一个元组并且其中一个数据包出现,它将被视为您的连接的有效数据包(并且可能由于排序而导致错误).
The reason why there is a TIME_WAIT state following session shutdown is because there may still be live packets out in the network on their way to you (or from you which may solicit a response of some sort). If you were to re-create that same tuple and one of those packets showed up, it would be treated as a valid packet for your connection (and probably cause an error due to sequencing).
所以 TIME_WAIT 时间一般设置为数据包最大年龄的两倍.此值是您的数据包在网络丢弃它们之前允许达到的最长时间.
So the TIME_WAIT time is generally set to double the packets maximum age. This value is the maximum age your packets will be allowed to get to before the network discards them.
这可以保证,在您被允许使用同一个元组创建连接之前,属于该元组先前化身的所有数据包都将失效.
That guarantees that, before you're allowed to create a connection with the same tuple, all the packets belonging to previous incarnations of that tuple will be dead.
这通常决定了您应该使用的最小值.最大数据包寿命由网络属性决定,例如卫星寿命高于 LAN 寿命,因为数据包还有很长的路要走.
That generally dictates the minimum value you should use. The maximum packet age is dictated by network properties, an example being that satellite lifetimes are higher than LAN lifetimes since the packets have much further to go.
这篇关于设置 TIME_WAIT TCP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
