Re: TCP connection is still in ESTABLISH state actually it is disconnected

[Jack Jackson <jack () pebbleridge com>]

At 11:16 AM 5/30/2010, Bo Xu wrote:
> Hello Guys ,
>
>          Today I have found 2 TCP connection is in ESTABLISH state while 
> the peer side said they have already disconnected the connection ,
>  but even they stopped the application , the 2 TCP connection is till 
> there :(  .
>
>          Now I am wondering when the OS will release these 2 fake 
> ESTABLISH connection .  I digged this issue by google , and I have found
>  these parameter in  my OS which is AIX 5.8 .  So AIX will release these 
> 2 connection according the tcp_keepidle (2 hours ) , Am I right ?
>
> And what tcp_keepintvl  stands for ?
>
>         tcp_keepidle = 14400
>              tcp_keepinit = 150
>             tcp_keepintvl = 150

My understanding is that tcp_keepidle is the time before the first 
keep-alive probe is sent.  If no response is received, tcp_keepintvl 
determines how often subsequent probes are sent.  tcp_keepcnt determines 
how many probes are sent without a response before the connection is dropped.

Since I believe those values for AIX are in unit of 1/2 seconds, after 2 
hours the first probe will be sent.  Every 75 seconds another probe will be 
sent.  When the tcp_keepcnt number have been sent (probably something like 
8) with nothing received, the connection will be dropped.  So I would 
expect the connection to be dropped about 2 hours and 11 minutes after the 
connection goes idle.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe