Reduce TIME_WAIT socket connections

Rob —  June 12, 2014 — 4 Comments

Some time in your life you’ll run across an Apache server that always has tons of TIME_WAIT connections just seeming to hang out. While these don’t take up as many resources as an ESTABLISHED connection, why keep them around so long? This short article will show you how to identify how many you have, and how to tell your server to reduce them, reuse and recycle them (see, recycling IS a good thing).

First, SSH into your server and become root.

Next, let’s see how many TIME_WAITs you have hanging out:

You should see something like:

So – let’s get that number smaller.

See what your current values are in these files by catting them to the screen:

If you have default settings, you’ll probably see values of 60, 0 and 0. Let’s change those values to 30, 1, 1.

Now, let’s make the change persistent by adding them to the sysctl.conf file. First however, let’s make sure there aren’t any entries in there yet for these settings.. cat the file and grep for the changes we’re about to make:

Make notes of what your settings are if you had any results..

Now, edit the /etc/sysctl.conf with your favorite editor and add these lines to the end of it (or edit the values you have in yours if they exist already):

Now, let’s rerun that command from before and see where your TIME_WAITs are at:

You may need to wait at least a minute or so (depending on what your old values were) to see a change here.

Be sure to comment below if you have any questions or other thoughts!

Related posts from Linux Brigade!

  • Patch your WHM/cPanel machine for heartbleedPatch your WHM/cPanel machine for heartbleed You’ve certainly heard about Heartbleed by now. If not, you can read more about this vulnerability at Continue reading this post to find out if you’re vulnerable, and how […]
  • Globally disable directory listing on WHM/cPanelGlobally disable directory listing on WHM/cPanel One of the things that WHM/cPanel servers have on by default is directory listing. This is something you don’t want – but it’s easy to fix!

    1. Log into WHM
    2. Apache Configuration […]

  • Bash ShellShock bug – Find out if you’ve been “tested”Bash ShellShock bug – Find out if you’ve been “tested” We’ve seen the articles about how to find out if you’re vulnerable to the bash shellshock bug, we’ve also seen the articles on how to patch your system.  What I’ll show you is how to find […]
  • Lock down your SSH port/accessLock down your SSH port/access The instant a Linux server is connected to a public network it starts getting hit by attackers. There are people out there running programs constantly against IP ranges and they’ve hit […]
  • Migrate mail from one server to another with imapsyncMigrate mail from one server to another with imapsync Have you been in the situation where you needed to move everyone’s mail from one provider to another?  It’s a pain to do using the mail client one at a time, but with this guide, you’ll be […]

4 responses to Reduce TIME_WAIT socket connections

  1. Nice write-up. I’m sure it will be helpful.

    Anyway, I know it’s not a big deal, but you should avoid using useless use of cat.

    for example, this:

    can be done like this:


    • Thanks for the comment.. Yeah – I hear you, but wanted to keep it as simple as possible and so the reader (if they weren’t seasoned) understood what was happening since they’re going to be root when running most of these commands… 😉

    • You are assuming that the config file matches reality, which may not be the case, as these options can be changed dynamically.

  2. Many Thanks Brother

Leave a Reply

Text formatting is available via select HTML.

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">