How Do I Reduce the Time for Canceling TCP Connections in TIME_WAIT State on Windows
Question
In a large-scale Windows environment, a large number of Transmission Control Protocol (TCP) connections in the TIME_WAIT state exist after Nginx reverse proxy service is adopted. By default, TCP connections in the TIME_WAIT state is canceled in 4 minutes. By default, the dynamical TCP ports ranges from 49152 to 65535. As a result, TCP connections are recycled slowly, which leads to a throughput decrease or access failures (error code: 502). You can modify operating system (OS) kernel parameters to shorten the recycling duration for TCP connections in the TIME_WAIT state and enlarge the dynamical TCP port range. This ensures that OS port resources are available when a large number of clients access the server concurrently.
Answer
- Log in to the Windows OS as the Administrator user.
Log in to the server as the SWMaster user if the Windows is hardened.
- Change the recycling duration for TCP connections.
- On Windows, choose Start > Run.
- In the Run dialog box, enter regedit and press Enter to open the registry editor.
- In the Registry Editor, open HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters.
- Choose Edit > New > DWORD (32-bit) Value and enter TcpTimedWaitDelay.
- Right-click TcpTimedWaitDelay and choose Modify from the shortcut menu.
- In the Base area of the Edit DWORD (32-bit) Value dialog box, set the decimal number to 30 and click OK.
- Exit the registry editor.
- Modify the port range.
- On Windows, choose Start > Run.
- Enter cmd and press Enter to open the command-line interface.
- Run the following command to modify the port range:
netsh int ipv4 set dynamicportrange tcp startport=5000 numberofports=60000
- Restart the OS.
