Why TIME_WAIT Connections Exhaust Your Server and How to Fix Them

What is TIME_WAIT?

TIME_WAIT is a normal TCP state that appears on the side that actively closes a connection; many such states can prevent new connections.

Typical Scenarios

Microservice API calls: Service A frequently calls Service B without Keep-Alive.

Short connections: Applications open a new database connection for each query (e.g., MySQL without a connection pool).

Crawlers: Multi‑threaded web scrapers that close connections immediately after fetching.

Root Causes

Limited temporary port range (default 32768‑60999 on Linux). cat /proc/sys/net/ipv4/ip_local_port_range Each TIME_WAIT consumes a local port, quickly exhausting the range under high‑frequency connect/close cycles.

ss -ano | grep TIME-WAIT | wc -l   # count
netstat: bind: Address already in use   # new connection error

Kernel Parameter Limits

tcp_max_tw_buckets

: limits the maximum number of TIME_WAIT sockets (typically 18,000‑30,000); excess connections are dropped.

cat /proc/sys/net/ipv4/tcp_max_tw_buckets

Solutions

Client side

Enable port reuse: set net.ipv4.tcp_tw_reuse = 1.

Expand the local port range, e.g., net.ipv4.ip_local_port_range = 1024 65000.

Use persistent connections (Keep‑Alive) to reduce connection churn.

Server side

Reduce FIN timeout: net.ipv4.tcp_fin_timeout = 30 (default 60 s).

Increase file‑descriptor limits to avoid exhaustion.

Key Takeaways

The side that initiates closure enters TIME_WAIT for twice the maximum segment lifetime (≈2 minutes).

Ports held by TIME_WAIT cannot be reused until the state expires.

Linux supports up to 65,535 ports; excessive TIME_WAIT can cause “address already in use” errors.

Adjust kernel parameters and application design (e.g., keep‑alive, connection pooling) to mitigate the issue.