Release Notes and Announcements
Product Introduction
Billing
- Billing Overview
- Billing Modes
- Billing Items
- Billing Mode Conversion Overview
- Purchasing Instances
- Configuration Adjustment Billing Guide
- Overdue Payments
Getting Started
- Purchasing a Customized Linux Instance
- Purchasing a Customized Windows Instance
User Guide
- Operation Guide Overview
- Use Limits
- Instances
- Spot Instances
- Reserved Instances
- Images
- Storage
- Backup and Restoration
- Network
- Security
- Passwords/Keys
- Monitoring and Alarms
- Ops Management
- Convenience Features
Migrating a Server
- Online Migration
- Migration Consultation
Troubleshooting
- CVM Login Failures
- Windows Instance Login Failures
- Linux Instance Login Failures
- Other Login Failures
- Instance Running Failures
- Linux Instance Memory Failures
- Network Failures
Use Cases
- Suggestions on CVM Model Selection
- Environment Building
- Website Building
- Application Building
- Visual GUI Building
- Uploading Local Files to CVM
- Network Performance Test
- Other Practical Tutorials
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Region APIs
- Instance APIs
- Cloud Hosting Cluster APIs
- Placement Group APIs
- Image APIs
- Instance Launch Template APIs
- Placement Group APIs
- Key APIs
- Security Group APIs
- Network APIs
- Data Types
- Error Codes
Security and Compliance
- CAM
- Network
FAQs
- Regions and Zones
- Billing
- Instances
- Storage
- Images
- Server Migration
- Network
- Security
- Operating Systems
- Ops and Monitoring
- CAM
- NTP Service
- Scenarios
Agreements
Glossary

How to Avoid PAWS Packet Loss

Download

Focus Mode

Font Size

Last updated: 2025-11-13 17:38:37

Background
The tcp_tw_recycle parameter is used to quickly reclaim connections in the TIME-WAIT status. However, under certain circumstances, this parameter may cause Protection Against Wrapped Sequence Numbers (PAWS) packet loss issues, especially when network address translation (NAT) exists in the network linkage. Therefore, it is generally recommended to disable the parameter.
Below are the steps to disable tcp_tw_recycle and configure tcp_tw_bucket.
Operation Steps
Disabling tcp_tw_recycle
Temporary Disabling
sudo sysctl -w net.ipv4.tcp_tw_recycle=0
Permanent Disabling
1. Edit the /etc/sysctl.conf file to add or modify the following line:
net.ipv4.tcp_tw_recycle = 0
2. Make the configuration take effect:
sudo sysctl -p
Configuring tcp_tw_bucket
The tcp_tw_bucket parameter is used to set the number of buckets for connections in the TIME-WAIT status. Increasing this value helps the system more efficiently handle a large number of connections in the TIME-WAIT status.
Temporary Configurations
sudo sysctl -w net.ipv4.tcp_max_tw_buckets=4096
Permanent Configurations
1. Edit the /etc/sysctl.conf file to add or modify the following line:
net.ipv4.tcp_max_tw_buckets = 4096
2. Make the configuration take effect:
sudo sysctl -p
Other Related Optimizations
In addition to the two parameters mentioned above, other kernel parameters can also help optimize TCP connection handling:
Increasing the File Descriptor Length Limitation
sudo sysctl -w fs.file-max=100000
Increasing the Number of Open Files Allowed by the System
Edit the /etc/security/limits.conf file to add or modify the following lines:
* soft nofile 65535
* hard nofile 65535
Increasing the Maximum Number of Connections That Can Be Established by the System
sudo sysctl -w net.core.somaxconn=65535
Increasing the Length of Half-Open Connection Queues
sudo sysctl -w net.ipv4.tcp_max_syn_backlog=65535
Reducing the Timeout Duration of the TIME-WAIT Status
sudo sysctl -w net.ipv4.tcp_fin_timeout=15
Verifying the Configuration
You can use the following commands to verify whether the configuration takes effect:
sysctl -a | grep tcp_tw
sysctl -a | grep file-max
sysctl -a | grep somaxconn
sysctl -a | grep tcp_max_syn_backlog
sysctl -a | grep tcp_fin_timeout
Restarting the Service
If you are optimizing a certain service (such as a web server or database), it is recommended to restart the service to ensure that the new kernel parameters take effect.

Help and Support

Was this page helpful?

You can also Contact sales or Submit a Ticket for help.

Help us improve! Rate your documentation experience in 5 mins.

Feedback

tencent cloud

Cloud Virtual Machine

How to Avoid PAWS Packet Loss

Background

Operation Steps

Disabling `tcp_tw_recycle`

Temporary Disabling

Permanent Disabling

Configuring `tcp_tw_bucket`

Temporary Configurations

Permanent Configurations

Other Related Optimizations

Increasing the File Descriptor Length Limitation

Increasing the Number of Open Files Allowed by the System

Increasing the Maximum Number of Connections That Can Be Established by the System

Increasing the Length of Half-Open Connection Queues

Reducing the Timeout Duration of the TIME-WAIT Status

Verifying the Configuration

Restarting the Service

Help and Support