SUSE Support

Here When You Need Us

TCP SYN packets intermittently go unanswered

This document (7023254) is provided subject to the disclaimer at the end of this document.

Environment

This can happen on all SLES kernels.

Situation

LAN traces show that TCP SYN packets are received by the SLES server but do not get answered.

Resolution

Remove the unwanted kernel optimization tweaks and reboot the system to change them back to defaults.
 
Example of problem configuration:
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1

Default values:
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_tw_recycle = 0
If the system cannot be rebooted, these features can be disabled manually using methods outlined below.
 
To make a non-persistent change, set these sysctl parameters using "sysctl -w".
hostname:~ # sysctl -w net.ipv4.tcp_tw_recycle = 0
hostname:~ # sysctl -w net.ipv4.tcp_tw_reuse = 0
Or by using the procfs interface:
hostname:~ # cd /proc/sys/net/ipv4
hostname:/proc/sys/net/ipv4 # echo 0 > tcp_tw_recycle
hostname:/proc/sys/net/ipv4 # echo 0 > tcp_tw_reuse
Keep in mind though, that this change will not survive a reboot !
 
To make the change persistent, set these to their default values in the /etc/sysctl.conf file then use "sysctl -p" to apply the new configuration to the running kernel.
 
This fix will survive a reboot because the system reads in the /etc/sysctl.conf at boot time. 
 
Removing these lines from /etc/sysctl.conf and rebooting will have the same effect; however, the etc/sysctl.conf in the initrd file will also contain these tweaks if the /boot/initrd-$(uname -r) file was rebuilt after the tweaks were added. Because of this, it is best practice to rebuild the initramfs whenever returning sysctl behaviors back to defaults.

Cause

Kernel optimization changes have been done to the /etc/sysctl.conf file as recommend by 3rd party experts rather than by SUSE Technical Support Engineers.
 
These changes cause problems like TCP connections failing to become ESTABLISHED.

Additional Information

An explanation of the parameters can be found in  man 7 tcp 
tcp_tw_recycle (Boolean; default: disabled; Linux 2.4 to 4.11)
Enable fast recycling of TIME_WAIT sockets.  Enabling this option is not recommended as the remote IP may not  use monotonically  increasing timestamps (devices behind NAT, devices with per-connection timestamp offsets).  
See RFC 1323 (PAWS) and RFC 6191.

tcp_tw_reuse (Boolean; default: disabled; since Linux 2.4.19/2.6)
Allow to reuse TIME_WAIT sockets for new connections when it is safe from protocol viewpoint. It should not be changed without advice/request of technical experts.
 
 
  • The tcp_tw_recycle was removed from the kernel upstream:
 
  • tcp_tw_reuse allows the reuse of a client port immediately after the connection has been closed, even though the connection is still in TIME_WAIT state. A precondition for it to take effect is that TCP timestamps are enabled, i.e. net.ipv4.tcp_timestamps = 1, which is the default on most modern systems.
This setting must *not* be applied when communication with hosts behind a NAT firewall needs to take place. Moreover, it must also *not* be applied if not all hosts that use a TCP connection to communicate with have TCP timestamps enabled. Otherwise you might encounter strange TCP connection issues after applying this configuration parameter.
 
 
Due to its impact on global TCP behavior, SUSE Support does not recommend enabling it with the exception of very specific use cases.  All services reliant on TCP ought to be adequately tested to ensure the change does not cause problems with communications.

SAP supports the use of net.ipv4.tcp_tw_reuse = 1 parameter as referenced in SAP Note 2382421 *only* under the conditions listed there.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7023254
  • Creation Date: 08-Aug-2018
  • Modified Date:05-Nov-2020
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.