Bug 15783

Summary: tcp connections linger too long in the timed wait state
Product: Base System Reporter: pfritz <pfritz>
Component: kernAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 3.3-RELEASE   
Hardware: Any   
OS: Any   

Description pfritz 1999-12-30 15:40:02 UTC 
While stress-testing Apache on FreeBSD, we found an out of memory condition. We found that tcp streams are kept in the last stage (the timed wait) for 60 seconds, while the specs say that this state has to last 2 round-trip times. So, if you open and close enough connections per second, you can waste all memory and halt the service. This error was also present in OpenBSD and NetBSD, but they crashed to the kernel when out of memory, while FreeBSD only didn't let more connections to be created until the others timed out.

Fix: 

I could alleviate the problem changing the timeout form 60 seconds to 6 seconds, but what should be done is the rewriting of the tcp state machine.
I changed in /usr/src/sys/netinet/tcp_timer.h the value of TCPTV_MSL from 30 seconds to 3 seconds, and rebuilt the kernel.
How-To-Repeat: open a connection to the web server, close it, and look at how many seconds it takes to destroy the endpoint and release the memory.
I used netstat -m.
Comment 1 jlemon freebsd_committer freebsd_triage 1999-12-30 17:29:51 UTC 
State Changed
From-To: open->closed

This is not a bug - the TCP specification requires the side that did 
an active close to linger in the TIME_WAIT state for 2*MSL.  MSL is 
by convention set to 30 sec.  If you want to circumvent the spec, you 
can do so by changing the TCPTV_MSL definition.  Note that in -current, 
this is now a sysctl: net.inet.tcp.msl 
-- 
Jonathan