TCP keepalive is a mechanism used to check the status of an idle connection by periodically sending “keepalive” packets. If there is no response after a certain number of attempts, the connection is considered dead and will be closed.
Properly configuring TCP keepalive settings can help optimize network performance, detect and clean up stale connections, and prevent network congestion.
In this guide, we will discuss TCP keepalive settings best practices with examples.
Default TCP Keepalive Settings
The default TCP keepalive settings on Linux are designed to detect and clean up idle connections while minimizing the impact on network performance:
tcp_keepalive_time = 7200 (seconds)
tcp_keepalive_intvl = 75 (seconds)
tcp_keepalive_probes = 9 (number of probes)
Here is an explanation of each setting:
- tcp_keepalive_time: This setting determines the time (in seconds) that a connection must be idle before the first keepalive packet is sent. The default value is 7200 seconds, or 2 hours. This means that if there is no data exchange on a connection for 2 hours, the system will send a keepalive packet to the remote host to check if the connection is still active.
- tcp_keepalive_intvl: This setting specifies the interval (in seconds) between successive keepalive packets if no response (acknowledgment) is received from the remote host. The default value is 75 seconds. If the first keepalive packet does not receive a response, the system will send additional keepalive packets every 75 seconds until it receives a response or reaches the maximum number of allowed probes (as defined by tcp_keepalive_probes).
- tcp_keepalive_probes: This setting defines the maximum number of unacknowledged keepalive packets that the system will send before considering the connection dead. The default value is 9 probes. If the system sends 9 keepalive packets without receiving a response, it assumes the connection is dead and closes it.
With the default TCP keepalive settings, the system will send a keepalive packet after 2 hours of inactivity on a connection. If it does not receive a response, it will continue sending keepalive packets every 75 seconds. After 9 unacknowledged keepalive packets, the system will close the connection, considering it dead.
Best Practices for TCP Keepalive Settings
The ideal TCP keepalive settings depend on your specific network requirements and the type of applications you are running. Here are some general best practices for configuring TCP keepalive settings:
1. Choose an appropriate keepalive time
Setting the tcp_keepalive_time too low may cause unnecessary network traffic and increase the load on your system. On the other hand, setting it too high may delay the detection of dead connections. As a general guideline, a value between 600 and 7200 seconds (10 minutes to 2 hours) is recommended.
I usually go with 600.
net.ipv4.tcp_keepalive_time = 600
2. Set a reasonable keepalive interval
The tcp_keepalive_intvl determines the interval between keepalive packets if no response is received from the remote host. Setting this value too low can lead to network congestion, while setting it too high may slow down the detection of dead connections. A value between 30 and 120 seconds is usually sufficient.
net.ipv4.tcp_keepalive_intvl = 60
3. Determine the number of keepalive probes
The tcp_keepalive_probes value specifies the number of unacknowledged keepalive packets that must be sent before the connection is considered dead. A higher value provides more chances for the remote host to respond, but it may also delay the detection of dead connections. A value between 3 and 10 is generally recommended.
net.ipv4.tcp_keepalive_probes = 5
Configure TCP Keepalive for a Web Server
Let’s assume you are running a web server with a moderate amount of traffic. You want to ensure that idle connections are detected and closed in a timely manner without putting too much load on the server.
I recommend using the following settings:
net.ipv4.tcp_keepalive_time = 900    # 15 minutes
net.ipv4.tcp_keepalive_intvl = 60    # 1 minute
net.ipv4.tcp_keepalive_probes = 5
In this example, keepalive packets will be sent after 15 minutes of inactivity. If there is no response from the remote host, additional keepalive packets will be sent every minute until a total of 5 packets have been sent without a response. If there is still no response, the connection will be considered dead and closed.
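The kernel sends keepalive probes only on sockets that have SO_KEEPALIVE enabled, so the sysctl values above act as defaults for sockets that opt in. The following added example (not from the original guide) parses the web-server fragment, checks it against the ranges recommended in this guide, computes how long a dead peer takes to be dropped, and goes one step further by applying the same timers to a single socket; the function names are hypothetical and the TCP_KEEPIDLE, TCP_KEEPINTVL and TCP_KEEPCNT option names assume Linux.

```python
import socket

# Recommended ranges from this guide: idle seconds, interval seconds, probe count.
RANGES = {
    "net.ipv4.tcp_keepalive_time": (600, 7200),
    "net.ipv4.tcp_keepalive_intvl": (30, 120),
    "net.ipv4.tcp_keepalive_probes": (3, 10),
}
TIME, INTVL, PROBES = RANGES  # the three key names, in insertion order

# The web-server values from this guide, written as a sysctl.conf fragment.
WEB_SERVER_CONF = """\
net.ipv4.tcp_keepalive_time = 900    # 15 minutes
net.ipv4.tcp_keepalive_intvl = 60    # 1 minute
net.ipv4.tcp_keepalive_probes = 5
"""

def parse_sysctl(text):
    """Return {key: int} for the keepalive keys, ignoring '#' comments."""
    settings = {}
    for line in text.splitlines():
        key, sep, value = line.split("#", 1)[0].partition("=")
        if sep and key.strip() in RANGES:
            settings[key.strip()] = int(value)
    return settings

def out_of_range(settings):
    """Keys whose value falls outside the guide's recommended range."""
    return sorted(k for k, v in settings.items()
                  if not RANGES[k][0] <= v <= RANGES[k][1])

def detection_seconds(settings):
    """Idle time plus one interval per unanswered probe before teardown."""
    return settings[TIME] + settings[INTVL] * settings[PROBES]

def enable_keepalive(sock, settings):
    """Opt one socket in and pin the same timers on it (Linux option names)."""
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, settings[TIME])
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, settings[INTVL])
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, settings[PROBES])

if __name__ == "__main__":
    conf = parse_sysctl(WEB_SERVER_CONF)
    print("out of range:", out_of_range(conf))
    print("dead peer dropped after ~%d s" % detection_seconds(conf))
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        enable_keepalive(s, conf)
        print("SO_KEEPALIVE:", s.getsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE))
```

For the web-server values this works out to 1200 seconds (20 minutes) from the last traffic to teardown; the defaults give 7875 seconds.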
TCP keepalive settings play a crucial role in network performance and resource management. By following the best practices and adjusting the settings to suit your specific needs, you can optimize your system’s ability to detect and clean up stale network connections while maintaining optimal performance.
What is the function of TCP keepalive?
TCP keepalive is a mechanism used to verify the status of an idle network connection by periodically transmitting “keepalive” packets. If there’s no response after a certain number of attempts, the connection is deemed inactive and will be terminated. Proper configuration of TCP keepalive settings can enhance network performance, identify and eliminate stale connections, and avert network congestion.
What are the default settings for TCP keepalive?
The default TCP keepalive settings are designed to identify and eliminate idle connections while minimizing the impact on network performance. The default settings include: tcp_keepalive_time = 7200 (seconds), tcp_keepalive_intvl = 75 (seconds), and tcp_keepalive_probes = 9 (number of probes).
What are the best practices for configuring TCP keepalive settings?
The optimal TCP keepalive settings depend on your specific network requirements and the type of applications you are running. Some general best practices include selecting an appropriate keepalive time, setting a reasonable keepalive interval, and determining the number of keepalive probes.
How can I configure TCP keepalive for a web server?
Assuming you are running a web server with a moderate amount of traffic, you can use the following settings: net.ipv4.tcp_keepalive_time = 900 (15 minutes), net.ipv4.tcp_keepalive_intvl = 60 (1 minute), net.ipv4.tcp_keepalive_probes = 5. These settings ensure that idle connections are detected and closed in a timely manner without putting too much load on the server.
What role do TCP keepalive settings play in network performance?
The configuration of TCP keepalive settings is pivotal in managing network performance and resource allocation. Adhering to best practices and tailoring the settings to your unique requirements allows you to enhance your system’s efficiency in identifying and eliminating inactive network connections, all while preserving peak performance.