View Network Status Detailed Use NetStat

1. 11 network connection status on Linux servers:

Photo: TCP state machine

Normally: a normal TCP connection will have three phases: 1, TCP three handshake; 2, data transfer; 3, TCP four times

Note: The following instructions are best to be understood in conjunction with the “state machine of TCP”.

SYN: (Synchronous Sequence Number, SYNCHRONIZE SEQUENCE NUMBERS) This flag is only valid when the TCP connection is established three handshakes. Represents a new TCP connection request.

ACK: (confirmation number, Acknowledgement Number) is an confirmation flag for the TCP request, and the peer system has successfully received all data.

FIN: (End Sign, FINISH) is used to end a TCP back. But the corresponding port is still open, ready to receive subsequent data.

1), listen: First of all the server needs to open a socket for monitoring, status is listen. / * The socket is listenging for incoming connections. Sense of connection request from the remote TCP port * /

2), SYN_SENT: The client uses Connect through the application to make Active Open. The client TCP sends a SYN to request a connection. The status is set to syn_sent. / * The socket is actively attempting to Establish a connection. In the send connection Request after waiting for the matching connection request * /

3), SYN_RECV: The server should issue an ACK confirmation client’s SYN, while sending a SYN to the client to SYN_RECV / * a Connection Request Has Been received from the network. After receiving and sending a connection request Waiting for confirmation of the connection request * /

4), ESTABLISHED: Represents an open connection, the two sides can do or have already interacted in the data. / * The socket has an established connection. On behalf of an open connection, the data can be delivered to the user * /

5), fin_wait1: Active Close end application calls CLOSE, then its TCP issues a FIN request to turn off the connection, then enter the Fin_Wait1 status ./* the socket is closed, and the connection is shutting down. Wait for remote TCP Connection interrupt request, or confirmation of the previous connection interrupt request * /

6), close_wait: Passive Close end TCP After receiving the FIN, issue an ACK to respond to the FIN request (which is also transmitted to the upper application as the file endester), and enters Close_Wait. / * The Remote End Has Shut Down, Waiting for the Socket To Close. Waiting for the connection interrupt request from the local user * /

7), FIN_WAIT2: After receiving the ACK actively closed, enter the FIN-WAIT-2 ./* connections is closed, and the socket is waiting for a shutdown from the remote end. From the remote TCP waiting connection interrupt request * /

8), Last_Ack: After passively closing the end, the application that receives the file end value will call Close to close the connection. This causes its TCP to send a FIN, waiting for the other party ACK. Enter Last-Ack. / * The Remote end Down, and the socket isclosed. Waiting for Acknowledgement. Waiting for the original connection to remote TCP connection interrupt Request confirmation * /

9), time_wait: After the active closure receives the FIN, TCP sends an ACK package and enters the TIME-WAIT state. / * The socket is waiting after close to handle packets still in the network. Waiting for a sufficient time to ensure that remote TCP receives confirmation of the connection interrupt request * /

10), closing: more rare ./* Both Sockets Are Shut Down But We Still Don’t Have All Our Data Sent. Waiting for remote TCP to confirm the connection interrupt * / 11), close: Passive Close is accepted by ACK Pack After that, it enters the state of the closed. The connection ends ./* The socket is not being used. No connection status * /

The formation of the Time_Wait state only occurs one of the active shutdown connections.

After receiving the passive Close-up FIN request, the active shutdown is sent to the other party an ACK, modify its own status by fin_wait2 to Time_Wait, and must wait 2 times MSL (Maximum Segment Lifetime, MSL is a datam newspaper When you can exist in Internetwork), the two sides can change the status to Closed to close the connection. At present, the TIME_WAIT state is currently 60 seconds.

Of course, many TCP states have corresponding explanations or settings in the system, see MAN TCP

Second, there is a long connection and short connection:

Popular point: Short connection is a TCP request to get the result, the connection is ended immediately. The long connection does not disconnect immediately, keep it until long connection timeout (specific procedures have related parameters). Long connection can be avoided Continuous TCP three handshakes and four waves.

Keepalive is required to maintain a probe package on both sides, during Keepalive, the server and client TCP connection status is Established. The default in the HTTP version 1.1 is Keepalive (1.0 version default is not KeePalive), Both IE6 / 7/8 and Firefox are default the HTTP 1.1 version (how to see which version of the current browser is used, here is not described herein). Apache, Java

An application is that the use of a short connection or a long connection should be used depending on the situation. General applications should use long connections.

1, Linux related KeePalive parameters

a, tcp_keepalive_time – integer

HOW OFTEN TCP Sends Out Keepalive Messages When Keepalive is enabled.

Default: 2HOURS.


How Many Keepalive Probes TCP Sends Out, Until It Decides That That

Connection is Broken. Default Value: 9.

C, TCP_Keepalive_Intvl – INTEGER



Afault Value: 75sec I.E. Connection

Will Be Aborted After ~ 11 minutes of retries.

2, related parameter description of F5 load balancing

A, Keep Alive Interval

Specifies, When Enabled, How Frequently The System Sends Data over an idle TCP Connection, To Determine WHether The Connection Is Still Valid.

Specify: Specifier The Interval at Which The System Sends Data over an idle connection, to DETERMINE WHETER THE Connection Is Still Valid. The default is 1800 MilliseConds.


Specifies the length of time that a TCP connection remains in the TIME-WAIT state before entering the CLOSED state.Specify:. Specifies the number of milliseconds that a TCP connection can remain in the TIME-WAIT state The default is 2000.


Specifier The Length of Time That A Connection Is Idle (HAS NO Traffic) Before The Connection Is Eligible for deletion.

Specify: Specifies a Number of Seconds That The TCP Connection Can Remain Idle Before The System DELETES It. The default is 300 seconds.

3, Apache related parameters

The following is the default parameters and description of the Apache / 2.0.61 version.

a, Keepalive:

Default on.whether not to allow forestent connections

One Request Per Connection. set to “OFF” to deactivate.

B, MaxkeepaliveRequests:

Default 100.The Maximum Number of Requests To Allow

During a persistent connection. set to 0 to allow an unlimited amount.

We Recommend You Leave this Number High, for maximum Performance.

C, KeepaliveTimeout:

Default 15. Number of Seconds to Wait for the next request from the

Same Client On The Same Connection.