time_waits are normal part of the tcp teardown process. I would first try to understand if there is any tcp keepalive happening on the connections to the origin and either fix it or make it so that they are used more often. If you are an very busy site and if the connection rate at the origins is high enough, even with keepalive, i would try the the 2nd set of sysctl changes before the tcp_tw_reuse one as a last resort.
Sridhar On Fri, Aug 24, 2012 at 5:12 AM, Reindl Harald <[email protected]> wrote: > > > Am 24.08.2012 11:06, schrieb Andrew Ashcroft: > >> We’re seeing a lot of TCP connections in time_wait on our origin servers and >> it’s beginning to effect the >> performance of the site. > > TIME_WAIT is from the view of the application a closd connection > http://developerweb.net/viewtopic.php?id=2941 > > /etc/sysct.conf: > net.ipv4.tcp_tw_reuse = 1 > > followed by "sysctl -p" may help here > ________________________ > > you may also like these changes in busy servers > > net.ipv4.tcp_fin_timeout = 5 > net.ipv4.tcp_retries1 = 6 > net.ipv4.tcp_syn_retries = 6 > net.ipv4.tcp_synack_retries = 2 > net.ipv4.ip_local_port_range = 2000 65535 > net.ipv4.tcp_slow_start_after_idle = 0 > > >
