用netstat命令发现大量的TIME_WAIT现象:
netstat -ae|grep 1521|grep root
……
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
TIME_WAIT root
检查net.ipv4.tcp_tw当前值,将当前的值更改为1分钟:
[root@aaa1 ~]# sysctl -a|grep net.ipv4.tcp_tw
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_tw_recycle = 0
[root@aaa1 ~]#
vi /etc/sysctl
增加或修改net.ipv4.tcp_tw值:
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
使内核参数生效:
[root@aaa1 ~]# sysctl -p
[root@aaa1 ~]# sysctl -a|grep net.ipv4.tcp_tw
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
用netstat再观察正常
这里解决问题的关键是如何能够重复利用time_wait的值,我们可以设置时检查一下time和wait的值
#sysctl -a | grep time | grep wait
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120