What is TCP Keepalive to check the connection state?

Prior to digging into the details of TCP keepalive. We’ll begin by discussing what keepalive is in general. Keepalive is an optional mechanism used by the connection-oriented network protocol to monitor the health of a connection.
Keepalive performs a check of the connection when there has been no data in either direction for an extended period of time.

Why TCP keepalive is important?

Extremely useful for purging a server’s dead connections. For instance, consider a web server that allows connections from anywhere in the world. The server is running Linux without a keepalive mechanism. It may accept a set amount of connections from clients (which may be enormous but is still limited) and then begin refusing new connections.

If clients maintain an inactive connection for an extended period of time. This may result in the server refusing to accept additional connections due to the server reaching its maximum number of connected clients. Finally, this will result in a denial of service.

What is Keepalive In TCP? 

The Transmission Control Protocol (TCP) is a reliable connection-oriented protocol. Keepalive is an optional feature that allows for connection auditing when a connection is inactive (no communication) for a longer duration.

The duration of idle time can be configured. The keepalive process is applied independently to each connection. When the idle time for a connection exceeds a preset value, TCP begins a keepalive probe.

How does TCP perform Keepalive Probe at the protocol level?

This functionality does not need the transmission of any new protocol messages. It makes use of the existing TCP data segment.

  • TCP keepalive probe begins by transmitting a previously acknowledged TCP segment to the remote end.
  • The segment has a sequence number that is one less than the current one.
  • If the receiver maintains an active connection, the sender receives an ACK, and the probe finishes.

When the receiving host is unreachable, unavailable, or does not have such a connection. A keepalive probe will generate no response. After an interval, the sender continues to repeat the probe (default value).
The connection is identified as down after a predetermined number of attempts. TCP frees up connection resources and notifies the user about the terminated connection.

How to set TCP keepalive on Linux machine and socket?

As previously stated, Keepalive is an optional feature. To enable TCP Keepalive, both the underlying operating system and the TCP user application must be configured to do so. This section will demonstrate how to enable keepalive over CentOS7 Linux and with the C socket program.

Linux configuration for keepalive:

The option is enabled by default in a Linux kernel. The following examines the default values for keepalive via the Linux Sysctl command.

[root@CentOs7- ~]# sysctl -a | grep tcp_keepalive
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_time = 7200

The output of the Linux Sysctl command contains three parameters for keepalive. Let us attempt to comprehend each parameter.

  • tcp_keepalive_time, The option specifies the idle period in seconds for a connection prior to initiating the TCP keepalive probe.
  • tcp_keepalive_intvl, have value in seconds. The time interval between consecutive keepalive probes.
  • tcp_keepalive_probes,  an integer value. Represents the number of retries, after which TCP marks the connection dead.