Thousands of TIME_WAIT connections on windows server 2008
OS: Windows Server 2008, SP2 (running on EC2 Amazon) Running my website on amazon AWS using windows server 2008. Web application is running on appache httpd & tomcat server 6.02. Web server has keep-alive settings. There are around 69,250 (http port 80) + 15000 (other than port 80) TCP connections in TIME_WAIT state (used netstat & tcpview). I stopped web server 24 hours ago, but still netstat shows almost same number of TIME_WAIT connections. Almost all of these connections are the same ones which have been in TIME_WAIT state since yesterday. Performance montior counters : TCPv4 Active Connections: 145K TCPv4 Passive Connections: 475K TCPv4 Failure Connections: 16K TCPv4 Connections Reset: 23K HKEY_LOCAL_MACHINE\System \CurrentControlSet\Services\Tcpip\Parameters does not have TcpTimedWaitDelay key, so value should be the default (2*MSL, 4 mins) Even if there are thousands of connection requests are coming at the same time, why windows OS is not able to clean them eventually? What could be the reasons behind this situation? Is there any way to forcefully close all these TIME_WAIT connections without restarting windows OS?
March 18th, 2011 10:46am

Hi Customer, When many connections are required simultaneously or in rapid succession, it is possible that the default time setting might not be short enough to prevent the system from running out of available ports to allocate to the application. In this case, you may set the MaxUserPort setting to 20000 and the TcpTimedWaitDelay to 30. Server reboot is required for taking effect. Please refer to KB328476. Description of TCP/IP settings that you may have to adjust http://support.microsoft.com/kb/328476 Windows TCP/IP Ephemeral, Reserved, and Blocked Port Behavior http://technet.microsoft.com/en-us/library/bb878133.aspx Explaining Close_Wait http://blogs.technet.com/b/janelewis/archive/2010/03/09/explaining-close-wait.aspx Regards, Rick Tan
Free Windows Admin Tool Kit Click here and download it now
March 21st, 2011 11:51pm

I don't see how that answers his problem. He stopped the web server. The TIME_WAIT's are still there exceeding the max time set in the registry. I'm facing a similar problem. I had a windows service I wrote go nuts and create 16,000+ TCP connections. I stopped the service more than 30 minutes ago but the TIME_WAITS are still there. Reducing the time in the registry won't fix it since it's already greatly exceeded what it's already set to. Windows 2008 R2 Web Edition 64bit. I guess rebooting or just keep waiting are my only options?
May 3rd, 2011 11:55pm

Hi Customer, After you change the two entry in registry, please reboot server in your suitable time.Regards, Rick Tan
Free Windows Admin Tool Kit Click here and download it now
May 4th, 2011 1:14am

I don't think the above procedure (restarting the server) really solved the problem. I am also using Amazon AWS and I was facing the same problems as you did, lots and lots of TIME_WAIT connections and adjusting the TcpTimedWaitDelay didn't solved the problem. It seems to be a problem from Amazon, fortunately they fixed it now and all you have to do is Stop and Start your server instance (not restart, but Stop and Start). More information can be found here: http://serverfault.com/questions/250787/tons-of-tcp-connections-in-time-wait-state-on-windows-2008-running-on-amazon-aw Hope this helps, Cosmin
May 11th, 2011 5:41am

My win 2008 R2 server 64Bit Does not have the parmeters in: HKEY_LOCAL_MACHINE\System \CurrentControlSet\Services\Tcpip\Parameters The 2 things you talk about are not there: MaxUserPort and TcpTimedWaitDela We had a DDOS attack some time ago, and from that date we simply dont have enough connections. i have: Rebooted 100 times i have stop startet services IIS and SQL but no matter what i do i have thounsands of wating conetios to close :( they just never go away.. (port 55667 is what we use for SQL, i hope thats not an issue?) here a shot list of some of the last ons, there are so many CMD cant display them all. TCP 127.0.0.1:58584 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58585 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58586 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58587 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58588 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58589 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58590 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58591 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58592 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58593 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58594 127.0.0.1:55667 TIME_WAIT So what do i do to solve this??? How do i remove those hanging connections? And do i add this to the reg to keep it from happening in the future.? http://tripoverit.blogspot.com/2008/08/improve-windows-networking-especially.html I hope some of you will help me out, im a roads end, i have searched,read, searched the net for weeks now :( Thanks BrownGhost (win7 64bit)
Free Windows Admin Tool Kit Click here and download it now
June 2nd, 2011 11:54pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics