Huge amount of TIME_WAIT connections says netstat

networking linux tcpip debian netstat

Solution 1:

EDIT: tcp_fin_timeout DOES NOT control TIME_WAIT duration, it is hardcoded at 60s

As mentioned by others, having some connections in TIME_WAIT is a normal part of the TCP connection. You can see the interval by examining /proc/sys/net/ipv4/tcp_fin_timeout:

[root@host ~]# cat /proc/sys/net/ipv4/tcp_fin_timeout
60

And change it by modifying that value:

[root@dev admin]# echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout

Or permanently by adding it to /etc/sysctl.conf

net.ipv4.tcp_fin_timeout=30

Also, if you don't use the RPC service or NFS, you can just turn it off:

/etc/init.d/nfsd stop

And turn it off completely

chkconfig nfsd off

Solution 2:

TIME_WAIT is normal. It's a state after a socket has closed, used by the kernel to keep track of packets which may have got lost and turned up late to the party. A high number of TIME_WAIT connections is a symptom of getting lots of short lived connections, not nothing to worry about.

Related

What is a system state backup for?
Which permissions/rights does a user need to have WMI access on remote machines?
How to correct Postfix' 'Relay Access Denied'?
Is X.Y.Z.0 a valid IP address?
Disable local delivery in Sendmail
How to setup ssh's umask for all type of connections
Connecting to a remote server through a VPN when the local network subnet address conflicts with a remote network
Linux - Running The Same Command on Many Machines at Once
Start N processes with one systemd service file
How bad is it really to install Linux on one big partition?
How do I know if my Linux server has been hacked?
Choosing between meaningful and meaningless hostnames [closed]