Recently I took some time looking into TCP keep-alive and
how it works in a Windows environment. Seeing that I already had a summary
written on the subject, I’ve decided this is an opportunity for a blog post.
So, here we go…
Applications are often client-server based. In some cases
you’ll want the client to keep the connection to the server open, even if it’s
been idle for a while. Usually, you’ll want that if making a new connection is
too “costly”, being it time or performance or any other consideration.
Connections are usually interrupted by-design, considering
servers usually have a timeout period set, after which they close an idle connection.
This mechanism is in place to make sure connections are closed when there is no
longer a need for them and the client didn’t take the initiative to close the
connection.
There are also cases, when connections are interrupted by a third-party
for other reasons. One example of this is firewalls. Firewalls have a security mechanism
in place, which closes stale connections to make sure they will not be
exploited for some sort of an attack.
Whatever the reason might be, if you find that you have a
good enough reason to keep a connection alive, TCP keep-alive is one way to go
at it.
A good explanation of TCP keep-alive can be found here: http://msdn.microsoft.com/en-us/library/aa925764.aspx
How TCP Keep-alive works –
First and foremost, TCP Keep-alive is not enabled by default.
In order for it to be enabled, you have to enable it in the application layer,
meaning you need an application to access this feature.
You can do this by one of the following:
·
setsockopt() with SO_KEEPALIVE option
·
WSAIoctl() with SIO_KEEPALIVE_VALS option
Or, if you’re using a .NET application:
·
SetSocketOption method from Socket Class in
System.Net.Sockets namespace
·
GetSocketOption method from Socket Class in
System.Net.Sockets namespace
Otherwise, TCP Keep-alive will not be used.
In windows (2008/Vista and above) TCP Keep alive has 2
registry keys that influence its behavior:
1.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime
This key is a DWORD measured in milliseconds.
It controls how often a TCP connections attempts to verify that an idle
connection is still intact. It does so by sending a keep-alive packet.
2.
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveInterval
This key is also a DWORD measured in
milliseconds. It controls how long to wait for a response for the keep-alive
packet before sending a retransmission. Once a response is received, keep-alive
intervals go back to what was defined in the KeepAliveTime value. The
connection will be aborted after 10 failed retransmissions (this number is
hard-coded and can’t be modified).
To add to all of this, it’s important to underline that TCP
keep-alive is a packet that contains null data, so its impact on the network traffic
is minimal. Therefore, its bandwidth usage can and should be neglected.
If your application supports TCP keep-alive it will use it
if the values above are configured. To make sure that this is the case, contact
the vendor/owner of the application in question. Otherwise, you’ll need to
modify to source code in order to accomplish the use of TCP keep-alive.