How to forcibly close a socket in TIME_WAIT?
Solution 1
Actually there is a way to kill a connection - killcx. They claim it works in any state of the connection (which I have not verified). You need to know the interface where communication happens though, it seems to assume eth0 by default.
UPDATE: another solution is cutter which comes in some linux distros' repositories.
Solution 2
/etc/init.d/networking restart
Let me elaborate. Transmission Control Protocol (TCP) is designed to be a bidirectional, ordered, and reliable data transmission protocol between two end points (programs). In this context, the term reliable means that it will retransmit the packets if it gets lost in the middle. TCP guarantees the reliability by sending back Acknowledgment (ACK) packets back for a single or a range of packets received from the peer.
This goes same for the control signals such as termination request/response. RFC 793 defines the TIME-WAIT state to be as follows:
TIME-WAIT - represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request.
See the following TCP state diagram:
TCP is a bidirectional communication protocol, so when the connection is established, there is not a difference between the client and the server. Also, either one can call quits, and both peers needs to agree on closing to fully close an established TCP connection.
Let's call the first one to call the quits as the active closer, and the other peer the passive closer. When the active closer sends FIN, the state goes to FIN-WAIT-1. Then it receives an ACK for the sent FIN and the state goes to FIN-WAIT-2. Once it receives FIN also from the passive closer, the active closer sends the ACK to the FIN and the state goes to TIME-WAIT. In case the passive closer did not received the ACK to the second FIN, it will retransmit the FIN packet.
RFC 793 sets the TIME-OUT to be twice the Maximum Segment Lifetime, or 2MSL. Since MSL, the maximum time a packet can wander around Internet, is set to 2 minutes, 2MSL is 4 minutes. Since there is no ACK to an ACK, the active closer can't do anything but to wait 4 minutes if it adheres to the TCP/IP protocol correctly, just in case the passive sender has not received the ACK to its FIN (theoretically).
In reality, missing packets are probably rare, and very rare if it's all happening within the LAN or within a single machine.
To answer the question verbatim, How to forcibly close a socket in TIME_WAIT?, I will still stick to my original answer:
/etc/init.d/networking restart
Practically speaking, I would program it so it ignores TIME-WAIT state using SO_REUSEADDR option as WMR mentioned. What exactly does SO_REUSEADDR do?
This socket option tells the kernel that even if this port is busy (in
the TIME_WAIT state), go ahead and reuse it anyway. If it is busy, but with another state, you will still get an address already in use error. It is useful if your server has been shut down, and then restarted right away while sockets are still active on its port. You should be aware that if any unexpected data comes in, it may confuse your server, but while this is possible, it is not likely.
Solution 3
I don't know if you have the source code of that particular program you're running, but if so you could just set SO_REUSEADDR via setsockopt(2)
which allows you to bind on the same local address even if the socket is in TIME_WAIT state (unless that socket is actively listening, see socket(7)
).
For more information on the TIME_WAIT state see the Unix socket FAQ.
Solution 4
As far as I know there is no way to forcibly close the socket outside of writing a better signal handler into your program, but there is a /proc file which controls how long the timeout takes. The file is
/proc/sys/net/ipv4/tcp_tw_recycle
and you can set the timeout to 1 second by doing this:
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
However, this page contains a warning about possible reliability issues when setting this variable.
There is also a related file
/proc/sys/net/ipv4/tcp_tw_reuse
which controls whether TIME_WAIT sockets can be reused (presumably without any timeout).
Incidentally, the kernel documentation warns you not to change either of these values without 'advice/requests of technical experts'. Which I am not.
The program must have been written to attempt a binding to port 49200 and then increment by 1 if the port is already in use. Therefore, if you have control of the source code, you could change this behaviour to wait a few seconds and try again on the same port, instead of incrementing.
Solution 5
Another option is to use the SO_LINGER option with a timeout of 0. This way, when you close the socket is forcibly closed, sending a RST instead of going into the FIN/ACK closing behavior. This will avoid the TIME_WAIT state, and may be more appropriate for some uses.
Related videos on Youtube
Rehan
Updated on September 17, 2022Comments
-
Rehan over 1 year
I run a particular program on linux which sometimes crashes. If you open it quickly after that, it listens on socket 49201 instead of 49200 as it did the first time. netstat reveals that 49200 is in a TIME_WAIT state.
Is there a program you can run to immediately force that socket move out of the TIME_WAIT state?
-
Pacerier over 8 yearsIf you are here due to "too many
TIME_WAIT
on server", just skip through the first three answers which avoid the question instead of answering it. -
Rehan almost 4 yearsI accepted what was the 4th answer so it should be at the top now
-
-
Chris Huang-Leaver almost 15 yearsGreat answer, but not the correct answer to his question. Restarting the networking would work, but then so would rebooting, so this can't be right.
-
Admin over 14 yearsthink the second two examples should be s/rw/tw/ I'd edit, but lack enough rep.
-
Admin about 14 yearsTaken from kernel documentation: Caution. Both tcp_tw_recycle and tcp_tw_reuse can cause problems. You should not enable either without understanding network topology in between node(s) which are using or used by the node where the parameter is enabled. Connections which go via nodes that are aware of TCP connection states, such as firewall, NAT or load balancer may start dropping frames because of the setting. The problem will become visible when there is large enough number of connections.
-
Longpoke about 14 yearsoh okay, next time some process hangs on SIGTERM I'll just smash my computer instead of fixing it.
-
Jayapal Chandran over 13 yearsbut i did not get the already bound error. when i execute the program again it listens in post(123456) also i can see a that the system is showing TIME_WAIT for that port but still i can connect. why?
-
user207421 about 13 yearsIt also loses any outbound data that is still in transit, and may cause an error at the other end. Not recommended.
-
Jingguo Yao almost 11 yearsEven with SO_REUSEADDR, it is still possible to get the "Address already in use" error. For details, refer to hea-www.harvard.edu/~fine/Tech/addrinuse.html.
-
user2910702 over 9 years@EJP Failing early is almost always the right call. Networking isn't reliable, and fighting that will slow things down. A crashed app can't assume that any data made it out safely.
-
andyn almost 9 yearsActually, I'd recommend this any day when the other endpoint is a buggy, embedded industrial bus gateway that implements its own application-layer reliable transport over TCP, where said transport prevents the connection from ever closing unless it receives RST and thus fills up the connection limit on that gateway. There. I gave you a very specific and very real example that, sadly, requires resorting to hacks like this.
-
Pacerier over 8 years@WMR
SO_REUSEADDR
does not "close" a socket. It merely enables you to reuse those that are already opened. So the question is still "How to forcibly close a socket inTIME_WAIT
?" -
Pacerier over 8 yearsSetting it to
1
works for future connections, but what about those current ones that are already opened? -
user207421 about 6 years@Tobu Networking isn't reliable, but TCP tries to be, and making that worse doesn't constitute making anything better, and letting TCP do its job doesn't constitute 'fighting' anything.
-
V-Mark over 5 yearsThis is the correct answer, but the question was not totally correct. At least solved my problem nicely (not like restart the whole network breaking all other connections as well).
-
Will almost 5 years
SO_REUSEADDR
will letbind()
proceed; but if you then want to listen to that socket,listen()
will returnEADDRINUSE
all the same. In other words, this answer may help client software using ephemeral ports, but doesn't solve the issue for server software. -
tripleee almost 5 yearsThe generalization of this is "restart network services". The specific location
/etc/init.d/networking
is platform-specific (Debian?) so the precise command line will be different (sometimes rather radically so) for other systems. I agree with other commenters that this seems like severe overkill and obviously disruptive for any unrelated network services. -
sylvainulg over 2 yearsanybody knows what was beyond the (now broken) bram.creative4vision.nl/debian/timewait.html link ?
-
Owl over 2 yearsKillcx just doesn't work for me. Cutter requires a firewall to interact with.
-
nitinr708 about 2 yearsAny command which is available in the Redhat 7 or above to achive this ?
-
akostadinov about 2 years@nitinr708 nothing out of the box afaik :/ you need to install from the upstream projects.