Nginx does not free properly TCP socket?

0
votes

I'm using Nginx and it sounds that TCP socket are not properly released by Nginx. Clients which connects to my Nginx are using a proxy and so far, the same 4-tuplets ip source, port source, ip dest, port dest could be re-used in a very short period (less than 1 minute). When it occurs, Nginx seems to be lost.

Here is what I can see in a tcpdump trace : - FIN,ACK initiated by Nginx to close the session - ACK from the client - FIN,ACK from the client - ACK for the server

If the client tries to reconnect very rapidly (less than 1 minute) with the same 4-tuplets, it fails. The client sends SYN TCP packet but Nginx replies with an ACK containing an unknown sequence (the sequence number if very high and does not make any sense with the previous TCP session).

If the same 4-tuplet is re-used after more than 1 minute, there is no problem.

Thank in advance to anyone who could have an idea to solve this problem Aurélien

1
linuxsocketsnginxtcp
NGINX replies with a SYN/ACK with a new sequence number for that direction. That's what it's supposed to do. If this is your only evidence that there is a problem, there isn't. Certainly no evidence of anything resembling your title. - user207421

1 Answers

3
votes

I am not familiar with Nginx, but in general, TCP sockets can remain in a TIME_WAIT state after being closed for up to several minutes in order to catch stray out-of-order packets. The 4-tuple cannot be reused until the TIME_WAIT state expires.

See: