Using TCP keepalive under Linux

Linux has built-in support for keepalive. You need to enable TCP/IP networking in order to use it. You also need procfs support and sysctl support to be able to configure the kernel parameters at runtime.

The procedures involving keepalive use three user-driven variables:

tcp_keepalive_time

the interval between the last data packet sent (simple ACKs are not considered data) and the first keepalive probe; after the connection is marked to need keepalive, this counter is not used any further

tcp_keepalive_intvl

the interval between subsequential keepalive probes, regardless of what the connection has exchanged in the meantime

tcp_keepalive_probes

the number of unacknowledged probes to send before considering the connection dead and notifying the application layer

Remember that keepalive support, even if configured in the kernel, is not the default behavior in Linux. Programs must request keepalive control for their sockets using the setsockoptinterface. There are relatively few programs implementing keepalive, but you can easily add keepalive support for most of them following the instructions explained later in this document.

3.1. Configuring the kernel

There are two ways to configure keepalive parameters inside the kernel via userspace commands:

  • procfs interface
  • sysctl interface

We mainly discuss how this is accomplished on the procfs interface because it‘s the most used, recommended and the easiest to understand. The sysctl interface, particularly regarding the  sysctl(2) syscall and not the  sysctl(8) tool, is only here for the purpose of background knowledge.

3.1.1. The procfs interface

This interface requires both sysctl and  procfs to be built into the kernel, and procfs mounted somewhere in the filesystem (usually on  /proc, as in the examples below). You can read the values for the actual parameters by "catting" files in  /proc/sys/net/ipv4/ directory:

  # cat /proc/sys/net/ipv4/tcp_keepalive_time
  7200

  # cat /proc/sys/net/ipv4/tcp_keepalive_intvl
  75

  # cat /proc/sys/net/ipv4/tcp_keepalive_probes
  9
        

The first two parameters are expressed in seconds, and the last is the pure number. This means that the keepalive routines wait for two hours (7200 secs) before sending the first keepalive probe, and then resend it every 75 seconds. If no ACK response is received for nine consecutive times, the connection is marked as broken.

Modifying this value is straightforward: you need to write new values into the files. Suppose you decide to configure the host so that keepalive starts after ten minutes of channel inactivity, and then send probes in intervals of one minute. Because of the high instability of our network trunk and the low value of the interval, suppose you also want to increase the number of probes to 20.

Here‘s how we would change the settings:

  # echo 600 > /proc/sys/net/ipv4/tcp_keepalive_time

  # echo 60 > /proc/sys/net/ipv4/tcp_keepalive_intvl

  # echo 20 > /proc/sys/net/ipv4/tcp_keepalive_probes
        

To be sure that all succeeds, recheck the files and confirm these new values are showing in place of the old ones.

Remember that procfs handles special files, and you cannot perform any sort of operation on them because they‘re just an interface within the kernel space, not real files, so try your scripts before using them, and try to use simple access methods as in the examples shown earlier.

You can access the interface through the   sysctl(8) tool, specifying what you want to read or write.

  # sysctl \
  > net.ipv4.tcp_keepalive_time \
  > net.ipv4.tcp_keepalive_intvl \
  > net.ipv4.tcp_keepalive_probes
  net.ipv4.tcp_keepalive_time = 7200
  net.ipv4.tcp_keepalive_intvl = 75
  net.ipv4.tcp_keepalive_probes = 9
        

Note that sysctl names are very close to  procfs paths. Write is performed using the -w switch of sysctl (8):

  # sysctl -w \
  > net.ipv4.tcp_keepalive_time=600 \
  > net.ipv4.tcp_keepalive_intvl=60 \
  > net.ipv4.tcp_keepalive_probes=20
  net.ipv4.tcp_keepalive_time = 600
  net.ipv4.tcp_keepalive_intvl = 60
  net.ipv4.tcp_keepalive_probes = 20
        

Note that sysctl (8) doesn‘t use sysctl(2) syscall, but reads and writes directly in the procfs subtree, so you will need procfs enabled in the kernel and mounted in the filesystem, just as you would if you directly accessed the files within the procfs interface.   Sysctl(8) is just a different way to do the same thing.

3.1.2. The sysctl interface

There is another way to access kernel variables: sysctl(2 ) syscall. It can be useful when you don‘t have procfs available because the communication with the kernel is performed directly via syscall and not through the procfs subtree. There is currently no program that wraps this syscall (remember that  sysctl(8) doesn‘t use it).

For more details about using  sysctl(2) refer to the manpage.

3.2. Making changes persistent to reboot

There are several ways to reconfigure your system every time it boots up. First, remember that every Linux distribution has its own set of init scripts called by init (8). The most common configurations include the /etc/rc.d/ directory, or the alternative, /etc/init.d/. In any case, you can set the parameters in any of the startup scripts, because keepalive rereads the values every time its procedures need them. So if you change the value of tcp_keepalive_intvl when the connection is still up, the kernel will use the new value going forward.

There are three spots where the initialization commands should logically be placed: the first is where your network is configured, the second is the rc.local script, usually included in all distributions, which is known as the place where user configuration setups are done. The third place may already exist in your system. Referring back to the sysctl (8) tool, you can see that the -p switch loads settings from the  /etc/sysctl.conf configuration file. In many cases your init script already performs the sysctl -p (you can "grep" it in the configuration directory for confirmation), and so you just have to add the lines in  /etc/sysctl.conf to make them load at every boot. For more information about the syntax of  sysctl.conf(5), refer to the manpage

时间: 2024-10-23 07:52:25

Using TCP keepalive under Linux的相关文章

TCP keepalive under Linux

TCP Keepalive HOWTO Prev   Next 3. Using TCP keepalive under Linux Linux has built-in support for keepalive. You need to enable TCP/IP networking in order to use it. You also need procfs support and sysctl support to be able to configure the kernel p

TCP Keepalive HOWTO

TCP Keepalive HOWTO Fabio Busatto <[email protected]> 2007-05-04 Revision History Revision 1.0 2007-05-04 Revised by: FB First release, reviewed by TM. This document describes the TCP keepalive implementation in the linux kernel, introduces the over

TCP keepalive

  2. TCP keepalive overview In order to understand what TCP keepalive (which we will just call keepalive) does, you need do nothing more than read the name: keep TCP alive. This means that you will be able to check your connected socket (also known a

AIX/Linux/Solaris/HP-UXAIX查看系统TCP keepalive值

查看系统TCP keepalive值: AIX: $ no -a | grep keep HP-UX and Solaris: $ ndd -get /dev/tcp tcp_keepalive_interval Linux: $ sysctl -a | grep keep AIX/Linux/Solaris/HP-UXAIX查看系统TCP keepalive值

TCP KEEP-ALIVE和TCP_USER_TIMEOUT机制

正常通信的情况下,send函数发送成功会返回发送数据的字节数.当有错误发生时,send返回-1,全局变量errno被设置.很多情况下,send返回-1是由于连接被对端关闭(对端发送了RST或者FIN包),这种情况errno会被设置为ECONNRESET(Connection reset by peer). 可是在对端的网线被拔.网卡被卸载或者禁用的时候,对端没有机会向本地操作系统发送TCP RST或者FIN包来关闭连接.这时候操作系统不会认为对端已经挂了.所以在调用send函数的时候,返回的仍然

快速学习C语言三: 开发环境, VIM配置, TCP基础,Linux开发基础,Socket开发基础

上次学了一些C开发相关的工具,这次再配置一下VIM,让开发过程更爽一些. 另外再学一些linux下网络开发的基础,好多人学C也是为了做网络开发. 开发环境 首先得有个Linux环境,有时候家里机器是Windows,装虚拟机也麻烦,所以还不如30块钱 买个腾讯云,用putty远程练上去写代码呢. 我一直都是putty+VIM在Linux下开发代码,好几年了,只要把putty和VIM配置好,其实 开发效率挺高的. 买好腾讯云后,装个Centos,会分配个外网IP,然后买个域名,在DNSPod解析过去

为什么基于TCP的应用需要心跳包(TCP keep-alive原理分析)

TCP keep-alive的三个参数 用man命令,可以查看linux的tcp的参数: man 7 tcp 其中keep-alive相关的参数有三个: tcp_keepalive_intvl (integer; default: 75; since Linux 2.4) The number of seconds between TCP keep-alive probes. tcp_keepalive_probes (integer; default: 9; since Linux 2.2)

TCP连接探测中的Keepalive和心跳包. 关键字: tcp keepalive, 心跳, 保活

1. TCP保活的必要性 1) 很多防火墙等对于空闲socket自动关闭 2) 对于非正常断开, 服务器并不能检测到. 为了回收资源, 必须提供一种检测机制. 2. 导致TCP断连的因素 如果网络正常, socket也通过close操作来进行优雅的关闭, 那么一切完美. 可是有很多情况, 比如网线故障, 客户端一侧突然断电或者崩溃等等, 这些情况server并不能正常检测到连接的断开. 3. 保活的两种方式: 1) 应用层面的心跳机制 自定义心跳消息头. 一般客户端主动发送, 服务器接收后进行回

tcp keepalive选项

之前一直对tcp keepalive选项理解有误, 以为通过setsockopt函数设置SO_KEEPALIVE和相关参数后该socket则使用设置的keepalive相关参数 否则使用系统默认的:keepalive配置(如下) [email protected]:/# sysctl -a | grep keepnet.ipv4.tcp_keepalive_intvl = 30net.ipv4.tcp_keepalive_probes = 9net.ipv4.tcp_keepalive_time