Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > ipMonitor > NETSTAT -A command displays too many TCP/IP connections

NETSTAT -A command displays too many TCP/IP connections

Overview

Running the NETSTAT -A command from the command prompt shows a large number of TCP/IP connections established by the ipMonitor software. This increased network traffic can affect ipMonitor's ability to create new connections, especially since many existing TCP/IP connections remain in a reserved TIME_WAIT state. Ultimately, if ipMonitor is unable to open new connections, monitor failures can occur.

Environment

ipMonitor, all versions

Cause

The majority of TCP/IP connections displayed are ephemeral ports that have already been closed, but that remain reserved before they can be reused. This reserved state is denoted by the netstat TIME_WAIT label.

Microsoft limits the number of connections to 3975 by default, meaning that there can only be 3975 TCP/IP connections open at any given time. In addition, the TIME_WAIT state is configured by default to be 240 seconds. This means that Windows can only support an average of 33 TCP/IP connections per second. ipMonitor must then wait 240 seconds before being able to reuse those connections. If you have a large number of configured Monitors set to retest resources at short intervals, 3975 connections every four minutes may not be enough.

Resolution

Warning: Windows registry changes can result in severe system damage if performed incorrectly. Before you modify the registry, make a backup copy and ensure you understand how to restore the registry if a problem occurs. 

 

Attempt the troubleshooting steps in the following order:

Increase the refresh time between monitor tests

If possible, SolarWinds recommends configuring your monitors to use the default value of 300 seconds between monitor tests. This optimal setting ensures there are enough TCP connections available when needed.

Increase the maximum simultaneous connections

  1. Start the Registry Editor (Regedt32.exe).
  2. Access the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  3. Add a DWORD value to this registry key:
    Name: MaxUserPort
    Type: DWORD
    Value: 65534 (decimal)
  4. Exit the Registry Editor.

Note: This section can also be used as reference during large Server & Application Monitor (SAM) installations.

Reduce the duration of the Reserved State

Reducing the value of the TIME_WAIT state results in TCP connections being reused faster, therefore allowing for an increased number of connections during the same length of time. Note that if the value is too low, the TCP connection may close before monitor testing is complete.

  1. Start the Registry Editor (Regedt32.exe).
  2. Access the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  3. Add a DWORD value to this registry key:
    Name: TcpTimedWaitDelay
    Type: REG_DWORD - Time in seconds
    Value: 120 (decimal)
  4. Exit the Registry Editor.
Last modified
10:25, 7 Sep 2017

Tags

Classifications

Public