Thousands of TIME_WAIT connections on windows server 2008
OS: Windows Server 2008, SP2 (running on EC2 Amazon) Running my website on amazon AWS using windows server 2008. Web application is running on appache httpd & tomcat server 6.02. Web server has keep-alive settings. There are around 69,250 (http port 80) + 15000 (other than port 80) TCP connections in TIME_WAIT state (used netstat & tcpview). I stopped web server 24 hours ago, but still netstat shows almost same number of TIME_WAIT connections. Almost all of these connections are the same ones which have been in TIME_WAIT state since yesterday. Performance montior counters : TCPv4 Active Connections: 145K TCPv4 Passive Connections: 475K TCPv4 Failure Connections: 16K TCPv4 Connections Reset: 23K HKEY_LOCAL_MACHINE\System \CurrentControlSet\Services\Tcpip\Parameters does not have TcpTimedWaitDelay key, so value should be the default (2*MSL, 4 mins) Even if there are thousands of connection requests are coming at the same time, why windows OS is not able to clean them eventually? What could be the reasons behind this situation? Is there any way to forcefully close all these TIME_WAIT connections without restarting windows OS?
March 18th, 2011 10:39am

Hi Customer, When many connections are required simultaneously or in rapid succession, it is possible that the default time setting might not be short enough to prevent the system from running out of available ports to allocate to the application. In this case, you may set the MaxUserPort setting to 20000 and the TcpTimedWaitDelay to 30. Server reboot is required for taking effect. Please refer to KB328476. Description of TCP/IP settings that you may have to adjust http://support.microsoft.com/kb/328476 Windows TCP/IP Ephemeral, Reserved, and Blocked Port Behavior http://technet.microsoft.com/en-us/library/bb878133.aspx Explaining Close_Wait http://blogs.technet.com/b/janelewis/archive/2010/03/09/explaining-close-wait.aspx Regards, Rick Tan
Free Windows Admin Tool Kit Click here and download it now
March 21st, 2011 11:45pm

I don't see how that answers his problem. He stopped the web server. The TIME_WAIT's are still there exceeding the max time set in the registry. I'm facing a similar problem. I had a windows service I wrote go nuts and create 16,000+ TCP connections. I stopped the service more than 30 minutes ago but the TIME_WAITS are still there. Reducing the time in the registry won't fix it since it's already greatly exceeded what it's already set to. Windows 2008 R2 Web Edition 64bit. I guess rebooting or just keep waiting are my only options?
May 3rd, 2011 11:50pm

Hi Customer, After you change the two entry in registry, please reboot server in your suitable time.Regards, Rick Tan
Free Windows Admin Tool Kit Click here and download it now
May 4th, 2011 1:09am

I don't think the above procedure (restarting the server) really solved the problem. I am also using Amazon AWS and I was facing the same problems as you did, lots and lots of TIME_WAIT connections and adjusting the TcpTimedWaitDelay didn't solved the problem. It seems to be a problem from Amazon, fortunately they fixed it now and all you have to do is Stop and Start your server instance (not restart, but Stop and Start). More information can be found here: http://serverfault.com/questions/250787/tons-of-tcp-connections-in-time-wait-state-on-windows-2008-running-on-amazon-aw Hope this helps, Cosmin
May 11th, 2011 5:36am

My win 2008 R2 server 64Bit Does not have the parmeters in: HKEY_LOCAL_MACHINE\System \CurrentControlSet\Services\Tcpip\Parameters The 2 things you talk about are not there: MaxUserPort and TcpTimedWaitDela We had a DDOS attack some time ago, and from that date we simply dont have enough connections. i have: Rebooted 100 times i have stop startet services IIS and SQL but no matter what i do i have thounsands of wating conetios to close :( they just never go away.. (port 55667 is what we use for SQL, i hope thats not an issue?) here a shot list of some of the last ons, there are so many CMD cant display them all. TCP 127.0.0.1:58584 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58585 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58586 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58587 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58588 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58589 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58590 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58591 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58592 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58593 127.0.0.1:55667 TIME_WAIT TCP 127.0.0.1:58594 127.0.0.1:55667 TIME_WAIT So what do i do to solve this??? How do i remove those hanging connections? And do i add this to the reg to keep it from happening in the future.? http://tripoverit.blogspot.com/2008/08/improve-windows-networking-especially.html I hope some of you will help me out, im a roads end, i have searched,read, searched the net for weeks now :( Thanks BrownGhost (win7 64bit)
Free Windows Admin Tool Kit Click here and download it now
June 2nd, 2011 11:49pm

I've come across the problem twice, first time a server which is running MSSQL 2008 and the second time a server which is running Tomcat+Apache. I'm running the servers standalone and not in Amazon. The only way for me to solve the problem were to reboot the machine. Does anyone know when or if a patch for this problem will be released?
August 29th, 2011 2:32am

Hi Kecon, Try patching the hotfix 2553549 for your server if you are also running Windows server 2008: http://support.microsoft.com/kb/2553549 Thanks. Tiger LiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
August 29th, 2011 3:28am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics