Opened 4 years ago
#20279 new enhancement
Long-timeout TCP Sessions
Reported by: | nds21 | Owned by: | |
---|---|---|---|
Component: | network/NAT | Version: | VirtualBox 6.1.18 |
Keywords: | tcp timeout | Cc: | |
Guest type: | Linux | Host type: | Windows |
Description
I have a case with long time-out TCP sessions that come from VirtualBox NAT network mode. When I created half-open TCP sessions from the VM to an external TCP Host (by sending SYN packets but not reply the SYN/ACK with ACK packets). After 10 seconds, the external TCP Host proceeded to close the connections by sending FIN packets. This put the port VirtualBox used for those connections to CLOSE_WAIT state. As I observed, the current VirtualBox's CLOSE_WAIT timeout is about 10 minutes.
I have a theory that, if I can generate enough number (maybe 40,000?) of CLOSE_WAIT state TCP sessions, I can occupy all of the port VirtualBox can use for transmitting, which make the internal VM can not create new connection with external hosts, for 10 minutes.
I suggest that the CLOSE_WAIT timeout should be lowered to 2 minutes to counter the possible problem.