TCP KeepAlive
External
Internal
Overview
TCP Keep-Alive is a mechanism that insures small probe packets are periodically sent to the other end of the TCP connection, with the purpose of detecting whether the peer host crashed. Under normal circumstances, if the TCP Keep-Alive is enabled and if the TCP stacks at both ends are up, the keep-alive probe exchange will continue indefinitely if the application layers at both ends stay idle, not sending data - TCP keep-alive does not need application traffic to latch onto. For a discussion on how long a TCP stays up in presence or absence of application traffic, see Duration of a TCP Connection. Note that the keep-alive mechanism has to be explicitly enabled, whether it is enabled by default or not is implementation dependent. The keep-alive probe logic is implemented in the TCP stack: if the keep-alive option is enabled, and no application data has been exchanged across the socket in either direction for keep-alive time, by default 7,200 seconds, TCP automatically sends a keep-alive probe to the peer. This probe is a TCP segment which contains null data. In an Ethernet network, a keepalive frame length is 60 bytes, while the server response to this, also a null data frame, is 54 bytes. If a peer receives a keep-alive probe, then it must respond to it. One of three responses is expected:
- The peer responds with the expected ACK. The application is not notified, since everything is OK. TCP will send another probe following another keep-alive time seconds of inactivity.
- The peer responds with an RST, which tells the local TCP that the peer host has crashed and rebooted. As result, the socket will be closed.
- There is no response from the peer. The OS will close the socket and will release the associated resources. The application listening on that particular socket will receive an error from the OS.
Aside from application notification in case of connection failure, another benefit of enabling TCP Keep-Alive is that it keeps the connection "active" so if the connection goes over a firewall that watches for inactivity, that will prevent the firewall from dropping the connection.
Configuration
Java networking API will report whether a certain socket has its keep-alive mechanism turned on or off, and allows configuring it programmatically. See Socket SO KEEPALIVE.
Both sides of the connection can apparently have their keep-alive options configured independently.
There are three parameters related to keepalive:
Keep-Alive Time
The time of connection inactivity after which the first keep-alive request is sent. In other words, is the duration between two keepalive transmissions in idle condition. The default value on Linux is 2 hours (7,200 seconds). More details TCP KeepAlive on Linux.
Keepalive interval
The duration between two successive keepalive retransmissions, if acknowledgement to the previous keepalive transmission is not received.
Keepalive retry
The number of retransmissions to be carried out before declaring that remote end is not available.
O/S Specific Details
The fact that TCP KeepAlive is enabled or not, and how it is configured, it is OS-dependent
TCP Keepalive on Linux
- The TCP KeepAlive Source of Record http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/
- Using TCP Keepalive to Detect Network Errors http://www.gnugk.org/keepalive.html
Questions and TODO
- Can keepalive be set per TCP connection, or is a system-wide setting (all TCP/IP connections)?
- So it is true that if I don't have keep alive, my write can block forever if I power off the other end suddenly.