How do I get rid of sockets in FIN_WAIT1 state?

Solution 1:

# record what tcp_max_orphans's current value
original_value=$(cat /proc/sys/net/ipv4/tcp_max_orphans)

#set the tcp_max_orphans to 0 temporarily
echo 0 > /proc/sys/net/ipv4/tcp_max_orphans

# watch /var/log/messages
# it will split out "kernel: TCP: too many of orphaned sockets"
# it won't take long for the connections to be killed

# restore the value of tcp_max_orphans whatever it was before. 
echo $original_value > /proc/sys/net/ipv4/tcp_max_orphans

# verify with 
netstat -an|grep FIN_WAIT1

Solution 2:

You should be able to set the timeout with /proc/sys/net/ipv4/tcp_fin_timeout.

There really doesn't seem to be any way to clear the socket manually.

---

Solution 3:

It seems that tcp_orphan_retries setting controls how many attempts will be done before a server-less port is released. It was 0 here, after setting it to 1 the ports were gone.

HTH

---

Solution 4:

/proc/sys/net/ipv4/tcp_fin_timeout is the timeout of the FIN-WAIT-2 state, not FIN-WAIT-1. You should go with the tcpkill route or you can try to play with the keepalive times under /proc/sys/net/ipv4/tcp_keepalive_* to force a kill by the SO.

---

Solution 5:

Running these steps under root ID and it cleared for me:

Capture the kernel setting to change in a variable

$ orig_orphans=$(sysctl -a|grep tcp_max_orph|cut -f3 -d' ')

Temporarily set the max orphans to 0

$ sysctl -w net.ipv4.tcp_max_orphans=0

Check to make sure that problematic port is no longer in use

$ netstat -np|grep 9716

Wait a bit and repeat above step if needed until above command returns no lines

Reset the tcp_max_orphans kernel parameter back to the original value from the variable above

$ sysctl -w net.ipv4.tcp_max_orphans=$orig_orphans