linux服务器,发现大量TIME_WAIT

linux服务器,发现大量TIME_WAIT

今天登录Linux服务器,发现大量TIME_WAIT
参考资料:http://coolnull.com/3605.html 酷喃|coolnull| » 大量TIME_WAIT解决办法

[root@webserver ~]# netstat -anltp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 127.0.0.1:9000              0.0.0.0:*                   LISTEN      1886/php-fpm        
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      3556/nginx          
tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN      3556/nginx          
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1208/sshd           
tcp        0      0 0.0.0.0:8089                0.0.0.0:*                   LISTEN      3556/nginx          
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      1287/master         
tcp        0      0 192.168.1.80:38326            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38274            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38290            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 127.0.0.1:9000              127.0.0.1:7970              TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38302            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38282            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38330            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38310            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 127.0.0.1:9000              127.0.0.1:7934              TIME_WAIT   -                   
tcp        0      0 192.168.1.80:80               192.168.1.253:9082            TIME_WAIT   -                   
tcp        0      0 127.0.0.1:9000              127.0.0.1:7950              TIME_WAIT   -                   
tcp        0      0 192.168.1.80:80               192.168.1.253:9080            TIME_WAIT   -                   
tcp        0      0 127.0.0.1:9000              127.0.0.1:7918              TIME_WAIT   -                   
tcp        0      0 192.168.1.80:80               192.168.1.253:9076            TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38246            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38298            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38278            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38250            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38262            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38266            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:80               192.168.1.253:9074            TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38314            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38318            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38258            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:38294            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 192.168.1.80:80               192.168.1.253:9078            TIME_WAIT   -                   
tcp        0   2752 192.168.1.80:22               192.168.1.253:63163           ESTABLISHED 26740/sshd          
tcp        0      0 192.168.1.80:38334            192.168.1.98:3310             TIME_WAIT   -                   
tcp        0      0 127.0.0.1:9000              127.0.0.1:7986              TIME_WAIT   -                   
tcp        0      0 :::3306                     :::*                        LISTEN      3508/mysqld         
tcp        0      0 :::22                       :::*                        LISTEN      1208/sshd           
tcp        0      0 ::1:25                      :::*                        LISTEN      1287/master         
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11372     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11368     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11348     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11336     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11396     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11412     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11400     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11356     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11380     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11404     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11364     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11332     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11344     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11388     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11416     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11408     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11384     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11352     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11420     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11340     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11376     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11392     TIME_WAIT   -                   
tcp        0      0 ::ffff:192.168.1.80:3306      ::ffff:192.168.1.80:11360     TIME_WAIT   -                   
[root@webserver ~]# 

解决:发现系统存在大量TIME_WAIT状态的连接,通过调整内核参数解决

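# Append TCP tuning for a host that shows many TIME_WAIT sockets to
# /etc/sysctl.conf, then load the file. Run as root.
#
# Each key is appended only when the file has no active (uncommented) line
# for it yet, so running this snippet twice does not stack duplicate entries.
# net.ipv4.tcp_syncookies in particular is usually present in the stock file.
conf=/etc/sysctl.conf

# add_setting KEY VALUE NOTE
# Appends "KEY = VALUE" under a "# NOTE" comment, unless $conf already
# assigns KEY, in which case the existing line is kept and a notice is
# printed to stderr so a differing value does not go unnoticed.
add_setting() {
  local key=$1 value=$2 note=$3
  # Exact comparison on the text left of "=", so the dots in the key are not
  # treated as regex wildcards and commented-out lines do not count.
  if awk -F= -v k="$key" \
    '{ gsub(/[[:space:]]/, "", $1) } $1 == k { found = 1 } END { exit !found }' \
    "$conf" 2>/dev/null; then
    printf '%s is already set in %s; left unchanged\n' "$key" "$conf" >&2
    return 0
  fi
  printf '\n# %s\n%s = %s\n' "$note" "$key" "$value" >>"$conf"
}

add_setting net.ipv4.tcp_syncookies 1 \
  'Controls the use of TCP syncookies'

# tcp_tw_reuse only affects connections this host initiates (connect()),
# and relies on TCP timestamps (net.ipv4.tcp_timestamps, on by default).
add_setting net.ipv4.tcp_tw_reuse 1 \
  'The TIME-WAIT sockets for new connections can be reused'

# tcp_fin_timeout bounds how long an orphaned socket stays in FIN-WAIT-2;
# it does not shorten the TIME-WAIT period itself.
add_setting net.ipv4.tcp_fin_timeout 30 \
  'Decrease the time default value for tcp_fin_timeout connection'

# net.ipv4.tcp_tw_recycle is deliberately NOT set. With it enabled the kernel
# applies per-peer timestamp checks, so clients that share one NAT address
# can have their SYNs silently dropped. The option was removed in Linux 4.12,
# where a leftover entry makes "sysctl -p" report an error for that key.

# Load the settings from /etc/sysctl.conf into the running kernel.
/sbin/sysctl -p || printf 'sysctl -p reported an error; review %s\n' "$conf" >&2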


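修改之后,过一会再看,发现大量的TIME_WAIT已不存在。
以上只是暂时的解决方法:从上面的netstat输出看,TIME_WAIT主要来自应用频繁建立并关闭的短连接(例如到192.168.1.98:3310以及本机3306的连接),长期应从应用侧改用长连接或连接池来减少短连接的数量。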

附录:
附录1.参数说明
net.ipv4.tcp_syncookies = 1 表示开启SYN Cookies。当出现SYN等待队列溢出时,启用cookies来处理可防范少量SYN攻击,默认为0表示关闭;
net.ipv4.tcp_tw_reuse = 1 表示开启重用。允许将TIME-WAIT sockets重新用于新的TCP连接,默认为0,表示关闭;注意:该参数只对本机主动发起的连接(作为客户端)生效,并且依赖TCP时间戳(net.ipv4.tcp_timestamps)处于开启状态;
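net.ipv4.tcp_tw_recycle = 1 表示开启TCP连接中TIME-WAIT sockets的快速回收,默认为0,表示关闭。注意:开启后内核会按对端IP校验TCP时间戳,位于同一NAT出口后面的多个客户端的连接请求可能被丢弃,对外提供服务的服务器不建议开启;该参数已在Linux 4.12内核中被移除,在新内核上保留这一行会使 sysctl -p 报错。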
net.ipv4.tcp_fin_timeout = 30 修改系统默认的TIMEOUT时间,改为30s。注意:该参数控制的是孤儿连接停留在FIN-WAIT-2状态的时间,并不改变TIME_WAIT本身的持续时间(Linux内核中固定为60秒)。
