Home / server / Questions / 7689
Accepted
Gert M
Asked: 2009-05-14 00:40:14 +0800 CST

How do I get rid of sockets in FIN_WAIT1 state?

  • 772

I have a port that is blocked by a process I needed to kill. (a little telnet daemon that crashed). The process was killed successfully but the port is still in a 'FIN_WAIT1' state. It doesn't come out of it, the timeout for that seems to be set to 'a decade'.

The only way I've found to free the port is to reboot the entire machine, which is ofcourse something I do not want to do.

$ netstat -tulnap | grep FIN_WAIT1 
tcp        0  13937 10.0.0.153:4000         10.0.2.46:2572          FIN_WAIT1  -

Does anyone know how I can get this port unblocked without rebooting?

linux port netstat

9 Answers

  1. Best Answer
    # record what tcp_max_orphans's current value
original_value=$(cat /proc/sys/net/ipv4/tcp_max_orphans)

#set the tcp_max_orphans to 0 temporarily
echo 0 > /proc/sys/net/ipv4/tcp_max_orphans

# watch /var/log/messages
# it will split out "kernel: TCP: too many of orphaned sockets"
# it won't take long for the connections to be killed

# restore the value of tcp_max_orphans whatever it was before. 
echo $original_value > /proc/sys/net/ipv4/tcp_max_orphans

# verify with 
netstat -an|grep FIN_WAIT1
    • 25

  2. You should be able to set the timeout with /proc/sys/net/ipv4/tcp_fin_timeout.

    There really doesn't seem to be any way to clear the socket manually.

    • 7

  3. It seems that tcp_orphan_retries setting controls how many attempts will be done before a server-less port is released. It was 0 here, after setting it to 1 the ports were gone.

    HTH

    • 6

  4. /proc/sys/net/ipv4/tcp_fin_timeout is the timeout of the FIN-WAIT-2 state, not FIN-WAIT-1. You should go with the tcpkill route or you can try to play with the keepalive times under /proc/sys/net/ipv4/tcp_keepalive_* to force a kill by the SO.

    • 5

  5. Running these steps under root ID and it cleared for me:

    Capture the kernel setting to change in a variable

    $ orig_orphans=$(sysctl -a|grep tcp_max_orph|cut -f3 -d' ')

    Temporarily set the max orphans to 0

    $ sysctl -w net.ipv4.tcp_max_orphans=0

    Check to make sure that problematic port is no longer in use

    $ netstat -np|grep 9716

    Wait a bit and repeat above step if needed until above command returns no lines

    Reset the tcp_max_orphans kernel parameter back to the original value from the variable above

    $ sysctl -w net.ipv4.tcp_max_orphans=$orig_orphans
    • 2

  6. FIN_WAIT1

    The application on local machine has closed the connection. Indication of this has been sent to the remote machine.

    You application has closed its side of the connection, the socket is now waiting for the remote side to confirm that close. If you have a problem with a lot of those sockets being held in FIN_WAIT1 then you should follow Manni's advice above.

    • 1

  7. On linux kernel >= 4.9 you can use the ss command from iproute2 with key -K

    ss -K dst 192.168.1.214 dport = 49029 the kernel have to be compiled with CONFIG_INET_DIAG_DESTROY option enabled.

    via https://unix.stackexchange.com/a/511691/43898

    • 1
    • -1

  9. this may help:

    net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_retries2 = 2
net.ipv4.tcp_orphan_retries = 1
net.ipv4.tcp_reordering = 5
net.ipv4.tcp_retrans_collapse = 0
    • -4