TCP Keepalives explained

What are TCP Keepalives? How do they work?


When two hosts are connected over a network via TCP/IP, TCP Keepalive Packets can be used to determine if the connection is still valid, and terminate it if needed.

Most hosts that support TCP also support TCP Keepalive. Each host (or peer) periodically sends a TCP packet to its peer which solicits a response. If a certain number of keepalives are sent and no response (ACK) is recieved then the sending host will terminate the connection from its end.

If a connection has been terminated due to a TCP Keepalive time-out and the other host eventually sends a packet for the old connection, the host that terminated the connection will send a packet with the RST flag set to signal the other host that the old connection is no longer active. This will force the other host to terminate its end of the connection so a new connection can be established.

Typically TCP Keepalives are sent every 45 or 60 seconds on an idle TCP connection, and the connection is dropped after 3 sequental ACKs are missed. This varies by host, e.g. by default Windows PCs send the first TCP Keepalive packet after 7200000ms (2 hour)s, then sends 5 Keepalives at 1000ms intervals, dropping the connection if there is no response to any of the Keepalive packets.

Keepalive characteristics vary across the Lantronix product line. For information on TCP Keepalive for your Lantronix product please read it's User Guide, available from http://www.lantronix.com/support/downloads/

For further information on TCP Keepalives please see page 101 of RFC1122:
http://tools.ietf.org/html/rfc1122#page-101

Also, see TCP Keepalive section in this Wikipedia Article:
http://en.wikipedia.org/wiki/Keepalive#TCP_Keepalive

Note that as currently practiced, most TCP Keepalive impementations are not compliant with parts of RFC2217, e.g. most hosts enable TCP Keepalive by default and use a Keepalive Period of much less than 2 hours. In the time since the RFC was written in October of 1989 it has been determined that enabling TCP Keepalive by default and using shorter periods is much more useful than the protocol defined in the RFC.

Unless there is some overriding reason to disable TCP Keepalive Lantronix strongly recommends that it be left enabled. The amount of traffic generated by TCP Keepalive is minimal, and as detailed above, stale connections will be automatically terminated so that the Lantronix server becomes available for a new connection. If TCP Keepalive is disabled and a TCP connection is terminated unexpectedly then the Lantronix server's TCP port will remain busy and unavailable for connection over the network until the Lantronix server is rebooted or power cycled.



[Originally Published On: 02/11/2009 12:03 PM]