Skip to content

How to deal with too many TCP connections on Linux

homepage-banner

Introduction

When running a web server or any other network application on Linux, one of the common issues is running out of TCP connections. The default maximum number of TCP connections is usually set low, which can cause issues when there are too many connections. In this blog post, we will discuss how to deal with too many TCP connections on Linux.

Find the source process

View the source of TCP connections on a specific port and sort them.

netstat -natl |grep ^tcp |grep ":443" |awk '{print $5}' |awk -F":" '{count[$1]++}; END{for(ip in count) print ip, ": " count[ip]}' |sort -n -k3 -r

Find the machine with the most TCP connections and check which process is using the most connections on that machine.

netstat -nap |grep ":443" |awk '{print $7}' |awk -F"/" '{print $1}' | sort | uniq -c | sort -nr

Closing Idle TCP Connections

Another way to deal with too many TCP connections is to close idle connections. Idle connections are those connections that are established but not being used. To close idle TCP connections, you need to use the tcpkill command. The tcpkill command is part of the dsniff package, which can be installed using the following command:

sudo apt-get install dsniff

Once the dsniff package is installed, you can use the following command to close idle TCP connections:

sudo tcpkill -i {interface} tcp port {port}

Replace {interface} with the name of the network interface and {port} with the port number of the TCP connections you want to close. This command will close all idle TCP connections on the specified port.

Increasing the Maximum Number of TCP Connections

The first step in dealing with too many TCP connections is to increase the maximum number of TCP connections that can be established. The maximum number of TCP connections is controlled by the net.ipv4.tcp_max_syn_backlog parameter in the sysctl.conf file. To increase the maximum number of TCP connections, you need to edit the sysctl.conf file and add the following line:

net.ipv4.tcp_max_syn_backlog = {number}

Replace {number} with the maximum number of TCP connections you want to allow. After saving the sysctl.conf file, you need to run the following command to apply the changes:

sudo sysctl -p

Using a Load Balancer

If you are still experiencing too many TCP connections after increasing the maximum number of connections and closing idle connections, you may need to consider using a load balancer. A load balancer distributes incoming network traffic across multiple servers to ensure that no single server is overwhelmed with too many connections. There are many load balancers available for Linux, including HAProxy and Nginx.

Back to Table of Contents

Disclaimer
  1. License under CC BY-NC 4.0
  2. Copyright issue feedback me#imzye.com, replace # with @
  3. Not all the commands and scripts are tested in production environment, use at your own risk
  4. No personal information is collected.
Feedback