服务器端许多TIME_WAIT的费用是多少? [英] What is the cost of many TIME_WAIT on the server side?

问题描述

让我们假设有一个客户端与服务器建立了许多短期连接.

Let's assume there is a client that makes a lot of short-living connections to a server.

如果客户端关闭连接，则客户端上将有许多端口处于TIME_WAIT状态.由于客户端用尽了本地端口，因此无法快速进行新的连接尝试.

If the client closes the connection, there will be many ports in TIME_WAIT state on the client side. Since the client runs out of local ports, it becomes impossible to make a new connection attempt quickly.

如果服务器关闭连接，我将在服务器端看到许多TIME_WAIT.但是，这有什么危害吗?客户端(或其他客户端)可以继续进行连接尝试，因为它永远不会用完本地端口，并且TIME_WAIT状态的数量在服务器端会增加.最终会发生什么?会发生不好的事情吗? (速度慢，崩溃，连接断开等)

If the server closes the connection, I will see many TIME_WAITs on the server side. However, does this do any harm? The client (or other clients) can keep making connection attempts since it never runs out of local ports, and the number of TIME_WAIT state will increase on the server side. What happens eventually? Does something bad happen? (slowdown, crash, dropped connections, etc.)

请注意，我的问题不是"TIME_WAIT的目的是什么?".但是如果服务器上有太多TIME_WAIT状态会怎样?"我已经知道在TCP/IP中关闭连接时会发生什么，为什么需要TIME_WAIT状态.我不是要对其进行故障排除，而只是想知道它的潜在问题是什么.

Please note that my question is not "What is the purpose of TIME_WAIT?" but "What happens if there are so many TIME_WAIT states on the server?" I already know what happens when a connection is closed in TCP/IP and why TIME_WAIT state is required. I'm not trying to trouble-shoot it but just want to know what is the potential issue with it.

简单地说，假设netstat -nat | grep :8080 | grep TIME_WAIT | wc -l打印100000.会发生什么?操作系统的网络堆栈是否变慢? 打开文件太多"错误?还是没有什么可担心的?

To put simply, let's say netstat -nat | grep :8080 | grep TIME_WAIT | wc -l prints 100000. What would happen? Does the OS's network stack slow down? "Too many open files" error? Or, just nothing to worry about?

推荐答案

TIME_WAIT中的每个套接字都消耗内核中的一些内存，通常比ESTABLISHED套接字少一些，但仍然很重要.足够大的数量可能会耗尽内核内存，或者至少会降低性能，因为该内存可用于其他目的. TIME_WAIT套接字不保存打开的文件描述符(假设它们已正确关闭)，因此您不必担心打开的文件太多"错误.

Each socket in TIME_WAIT consumes some memory in the kernel, usually somewhat less than an ESTABLISHED socket yet still significant. A sufficiently large number could exhaust kernel memory, or at least degrade performance because that memory could be used for other purposes. TIME_WAIT sockets do not hold open file descriptors (assuming they have been closed properly), so you should not need to worry about a "too many open files" error.

套接字还占用了特定的src/dst IP地址和端口，因此在TIME_WAIT间隔时间内无法重复使用. (这是TIME_WAIT状态的预期目的.)占用端口通常不是问题，除非您需要使用相同的端口对重新连接.大多数情况下，一侧会使用临时端口，而只有一侧会固定在众所周知的端口上.但是，如果您反复频繁地在相同的两个IP地址之间进行连接，则大量的TIME_WAIT套接字会耗尽临时端口空间.请注意，这只会影响该特定IP地址对，而不会影响与其他主机的连接建立.

The socket also ties up that particular src/dst IP address and port so it cannot be reused for the duration of the TIME_WAIT interval. (This is the intended purpose of the TIME_WAIT state.) Tying up the port is not usually an issue unless you need to reconnect a with the same port pair. Most often one side will use an ephemeral port, with only one side anchored to a well known port. However, a very large number of TIME_WAIT sockets can exhaust the ephemeral port space if you are repeatedly and frequently connecting between the same two IP addresses. Note this only affects this particular IP address pair, and will not affect establishment of connections with other hosts.

这篇关于服务器端许多TIME_WAIT的费用是多少?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！