[20200220]windows設定keepalive引數.txt

--//昨天測試了ENABLE=BROKEN在連線串中，可以發現在客戶端啟用了TCP keep-alive feature特性。而預設tcp_keepalive_time設定
--//7200秒，時間有點長。許多客戶端或者中間伺服器使用的是windows系統，如何修改登錄檔呢？

--//檢索找到如下連結：http://www.cppblog.com/Robertxiao/articles/153510.html
1)在Windows NT平臺上，我們利用regedit來修改系統登錄檔，修改
HKEY_LOCAL_MACHINE\CurrentControlSet\Services\Tcpip\Parameters下的以下三個引數：

KeepAliveInterval        :設定其值為1000
KeepAliveTime            :設定其值為300000(單位為毫秒，300000代表5分鐘)
TcpMaxDataRetransmissions:設定其值為5
--//在我的工作機器測試看看。注：我的測試環境是windows 7.

1.修改登錄檔:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"KeepAliveTime"=dword:00001770
"KeepAliveInterval"=dword:000003e8
"MaxDataRetries"="5"

--//KeepAliveTime=0x1770 = 6000
--//KeepAliveInterval=0x000003e8 = 1000
--//注：不知道MaxDataRetries還是TcpMaxDataRetransmissions，windows 技術資料太少。那位知道，我最終測試2個不是。
--//或者像https://blog.csdn.net/shenya1314/article/details/70187767介紹那樣，客戶端無法設定。

2.測試：
--//服務端設定：
# echo /proc/sys/net/ipv4/tcp_keepalive* | xargs   -n 1 strings -1 -f
/proc/sys/net/ipv4/tcp_keepalive_intvl: 75
/proc/sys/net/ipv4/tcp_keepalive_probes: 9
/proc/sys/net/ipv4/tcp_keepalive_time: 7200

$ grep SQLNET.EXPIRE_TIME $ORACLE_HOME/network/admin/sqlnet.ora
#SQLNET.EXPIRE_TIME = 1

--//延長服務端tcp_keepalive_time時間，避免服務端干擾。

sqlplus scott/book@"(DESCRIPTION=(ENABLE=BROKEN)(CONNECT_DATA=(SERVICE_NAME=book)(SERVER = DEDICATED))(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.100.78)(PORT=1521)))"

SCOTT@book> @ spid
       SID    SERIAL# PROCESS                  SERVER    SPID                     PID P_SERIAL# C50
---------- ---------- ------------------------ --------- -------------------- ------- ---------- --------------------------------------------------
         3       2097 1688:7476                DEDICATED 21518                     24        159 alter system kill session '3,2097' immediate;

# netstat -npo 2>/dev/null | grep 21518
tcp        0      0 192.168.100.78:1521         192.168.98.6:56411          ESTABLISHED 21518/oraclebook    keepalive (7177.06/0/0)
--//確定埠號 56411

# tcpdump -vvnni eth0 port 56411
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
--//等1分鐘毫無反應。噢！才想起來也許要重啟機器再測試。不知道斷開網路再連線是否有效，先測試禁用再啟用連線的情況。

3.繼續測試：
--//禁用再啟用網路連線，操作細節略。

sqlplus scott/book@"(DESCRIPTION=(ENABLE=BROKEN)(CONNECT_DATA=(SERVICE_NAME=book)(SERVER = DEDICATED))(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.100.78)(PORT=1521)))"

SCOTT@book> @ spid
       SID    SERIAL# PROCESS                  SERVER    SPID                     PID P_SERIAL# C50
---------- ---------- ------------------------ --------- -------------------- ------- ---------- --------------------------------------------------
        58       1379 8420:2824                DEDICATED 21635                     28        114 alter system kill session '58,1379' immediate;

# netstat -npo 2>/dev/null | grep 21635
tcp        0      0 192.168.100.78:1521         192.168.98.6:57543          ESTABLISHED 21635/oraclebook    keepalive (7084.23/0/0)
--//確定埠號 57543

# tcpdump -vvnni eth0 port 57543
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
--//等1分鐘毫無反應。

4.再繼續測試：
--//重啟測試機器客戶端。
sqlplus scott/book@"(DESCRIPTION=(ENABLE=BROKEN)(CONNECT_DATA=(SERVICE_NAME=book)(SERVER = DEDICATED))(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.100.78)(PORT=1521)))"

SCOTT@book> @ spid
       SID    SERIAL# PROCESS                  SERVER    SPID                     PID P_SERIAL# C50
---------- ---------- ------------------------ --------- -------------------- ------- ---------- --------------------------------------------------
        58       1391 4052:5612                DEDICATED 22059                     28        119 alter system kill session '58,1391' immediate;

$ netstat -npo 2>/dev/null | egrep "22059"
tcp        0      0 192.168.100.78:1521         192.168.98.6:49682          ESTABLISHED 22059/oraclebook    keepalive (7163.03/0/0)

# tcpdump -vvnni eth0 port 49682
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
10:06:23.007811 IP (tos 0x0, ttl 127, id 3580, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 3057020812:3057020813(1) ack 1803888726 win 16289
10:06:23.007991 IP (tos 0x0, ttl 64, id 63755, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49682: ., cksum 0x47cc (incorrect (-> 0x63a3), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
10:06:29.010284 IP (tos 0x0, ttl 127, id 3611, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:06:29.010324 IP (tos 0x0, ttl 64, id 63756, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49682: ., cksum 0x47cc (incorrect (-> 0x63a3), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
10:06:35.004759 IP (tos 0x0, ttl 127, id 3656, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:06:35.004797 IP (tos 0x0, ttl 64, id 63757, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49682: ., cksum 0x47cc (incorrect (-> 0x63a3), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
10:06:41.013022 IP (tos 0x0, ttl 127, id 3695, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:06:41.013075 IP (tos 0x0, ttl 64, id 63758, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49682: ., cksum 0x47cc (incorrect (-> 0x63a3), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
--//總算OK了。注意看時間間隔正好6秒。
10:09:23.021838 IP (tos 0x0, ttl 127, id 4958, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:09:23.021929 IP (tos 0x0, ttl 64, id 63785, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49682: ., cksum 0x47cc (incorrect (-> 0x63a3), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>

# iptables -I INPUT 1 -p tcp --dport 49682 -j drop
--//奇怪執行以上命令不行。因為沒有這樣型別的包。
--//192.168.100.78.1521 > 192.168.98.6.49682 對應的是OUTPUT鏈。

# iptables -D INPUT 1
# iptables -I INPUT 1 -p tcp --sport 49682 -j DROP

10:15:59.099141 IP (tos 0x0, ttl 127, id 7794, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:15:59.099179 IP (tos 0x0, ttl 64, id 63851, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49682: ., cksum 0x47cc (incorrect (-> 0x63a3), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
--//正常。以下就是執行iptables -I INPUT 1 -p tcp --sport 49682 -j DROP的情況。
10:16:05.101208 IP (tos 0x0, ttl 127, id 7848, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:06.102474 IP (tos 0x0, ttl 127, id 7850, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:07.103134 IP (tos 0x0, ttl 127, id 7859, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:08.103356 IP (tos 0x0, ttl 127, id 7861, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:09.103903 IP (tos 0x0, ttl 127, id 7870, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:10.102031 IP (tos 0x0, ttl 127, id 7872, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:11.100107 IP (tos 0x0, ttl 127, id 7880, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:12.100189 IP (tos 0x0, ttl 127, id 7884, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:13.100203 IP (tos 0x0, ttl 127, id 7892, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:14.100300 IP (tos 0x0, ttl 127, id 7895, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49682 > 192.168.100.78.1521: ., cksum 0xa6ea (correct), 0:1(1) ack 1 win 16289
10:16:15.100914 IP (tos 0x0, ttl 127, id 7903, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.98.6.49682 > 192.168.100.78.1521: R, cksum 0xe687 (correct), 1:1(0) ack 1 win 0
--//出現11次，時間間隔1秒也正確。出現11次說明登錄檔的這個引數MaxDataRetries不對。

--//客戶端執行sql語句，馬上報錯。
10:12:18 SCOTT@book> set time on escape on
10:12:20 SCOTT@book> select sysdate from dual ;
select sysdate from dual
*
ERROR at line 1:
ORA-03135: connection lost contact
Process ID: 22059
Session ID: 58 Serial number: 1391

5.驗證重試測試是那個引數:
https://blog.csdn.net/shenya1314/article/details/70187767

其中， setsockopt 設定了 keepalive 模式，但是系統對 keepalive 預設的引數可能不符合我們的要求，比如空閒 2 小時後才探測對
端是否活躍，所以 WSAIoctl 函式透過 tcp_keepalive 結構體對這些引數進行了相應設定。 tcp_keepalive 這個結構體在 mstcpip.h
標頭檔案中有定義：

struct tcp_keepalive {
ULONG onoff ;   // 是否開啟 keepalive
ULONG keepalivetime ; // 多長時間( ms )沒有資料就開始 send 心跳包
ULONG keepaliveinterval ; // 每隔多長時間( ms ) send 一個心跳包，
// 發 5 次 (2000 XP 2003 預設 ), 10 次 (Vista 後系統預設 )
};

這個結構體設定了空閒檢測時間，及檢測時重複傳送的間隔時間。詳細的可以查詢 msdn:(VS.85).aspx 。
按照 msdn 上的說法，這些引數也可以透過在登錄檔裡設定，分別為：

HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/KeepAliveTime
HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/KeepAliveInterval

另外，有些人可能已經發現了， tcp_keepalive 這個結構體中沒有對重試次數這個引數的設定，這個引數可以透過登錄檔來設定，具體位置為：
HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/TcpMaxDataRetransmissions
關於在登錄檔中設定這幾個引數，我在 XP 和 Server2008 系統中都沒有找到， msdn 上說貌似只是支援 server 2003 ，我這裡沒有實驗，具體不太清楚。

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"KeepAliveTime"=dword:00001770
"KeepAliveInterval"=dword:000003e8
"MaxDataRetries"="5"
"TcpMaxDataRetransmissions"="5"

--//再次重啟測試，其它步驟不再貼出。

# tcpdump -vvnni eth0 port 49513
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
10:41:35.694775 IP (tos 0x0, ttl 127, id 3395, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 4042311713:4042311714(1) ack 2224808308 win 16289
10:41:35.694958 IP (tos 0x0, ttl 64, id 4842, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49513: ., cksum 0x47cc (incorrect (-> 0xd828), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
10:41:41.692546 IP (tos 0x0, ttl 127, id 3440, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:41:41.692584 IP (tos 0x0, ttl 64, id 4843, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49513: ., cksum 0x47cc (incorrect (-> 0xd828), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
10:41:47.694272 IP (tos 0x0, ttl 127, id 3514, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:41:47.694313 IP (tos 0x0, ttl 64, id 4844, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49513: ., cksum 0x47cc (incorrect (-> 0xd828), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>
10:41:53.697620 IP (tos 0x0, ttl 127, id 3586, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:41:53.697664 IP (tos 0x0, ttl 64, id 4845, offset 0, flags [DF], proto: TCP (6), length: 52) 192.168.100.78.1521 > 192.168.98.6.49513: ., cksum 0x47cc (incorrect (-> 0xd828), 1:1(0) ack 1 win 330 <nop,nop,sack 1 {0:1}>

# iptables -I INPUT 1 -p tcp --sport 49513 -j DROP

10:41:59.696732 IP (tos 0x0, ttl 127, id 3653, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:00.691771 IP (tos 0x0, ttl 127, id 3666, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:01.691836 IP (tos 0x0, ttl 127, id 3675, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:02.691884 IP (tos 0x0, ttl 127, id 3686, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:03.692474 IP (tos 0x0, ttl 127, id 3698, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:04.695563 IP (tos 0x0, ttl 127, id 3717, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:05.695603 IP (tos 0x0, ttl 127, id 3725, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:06.696245 IP (tos 0x0, ttl 127, id 3736, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:07.697502 IP (tos 0x0, ttl 127, id 3744, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:08.698103 IP (tos 0x0, ttl 127, id 3755, offset 0, flags [DF], proto: TCP (6), length: 41) 192.168.98.6.49513 > 192.168.100.78.1521: ., cksum 0x420f (correct), 0:1(1) ack 1 win 16289
10:42:09.697217 IP (tos 0x0, ttl 127, id 3764, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.98.6.49513 > 192.168.100.78.1521: R, cksum 0x81ac (correct), 1:1(0) ack 1 win 0
--//還是不對，放棄測試。

總結：
1.windows 測試真心的煩，一共重啟3次。不知道修改登錄檔如何快速生效。
2.知道如何修改登錄檔的相關資訊的具體位置。
3.重試次數預設好像是10次，我設定的"MaxDataRetries"="5"，"TcpMaxDataRetransmissions"="5"或者根本不能改變。看連結：

(v=vs.85)?redirectedfrom=MSDN

/* Argument structure for SIO_KEEPALIVE_VALS */
struct tcp_keepalive {
    u_long onoff;
    u_long keepalivetime;
    u_long keepaliveinterval;
};

The value specified in the onoff member determines if TCP keep-alive is enabled or disabled. If the onoff member is set
to a nonzero value, TCP keep-alive is enabled and the other members in the structure are used. The keepalivetime member
specifies the timeout, in milliseconds, with no activity until the first keep-alive packet is sent. The
keepaliveinterval member specifies the interval, in milliseconds, between when successive keep-alive packets are sent if
no acknowledgement is received.

The SO_KEEPALIVE option, which is one of the SOL_SOCKET Socket Options, can also be used to enable or disable the TCP
keep-alive on a connection, as well as query the current state of this option. To query whether TCP keep-alive is
enabled on a socket, the getsockopt function can be called with the SO_KEEPALIVE option. To enable or disable TCP
keep-alive, the setsockopt function can be called with the SO_KEEPALIVE option. If TCP keep-alive is enabled with
SO_KEEPALIVE, then the default TCP settings are used for keep-alive timeout and interval unless these values have been
changed using SIO_KEEPALIVE_VALS.

The default settings when a TCP socket is initialized sets the keep-alive timeout to 2 hours and the keep-alive interval
to 1 second. The default system-wide value of the keep-alive timeout is controllable through the KeepAliveTime registry
setting which takes a value in milliseconds. The default system-wide value of the keep-alive interval is controllable
through the KeepAliveInterval registry setting which takes a value in milliseconds.

On Windows Vista and later, the number of keep-alive probes (data retransmissions) is set to 10 and cannot be changed.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--//這裡提示不能改變。

On Windows Server 2003, Windows XP, and Windows 2000, the default setting for number of keep-alive probes is 5. The
number of keep-alive probes is controllable through the TcpMaxDataRetransmissions and PPTPTcpMaxDataRetransmissions
registry settings. The number of keep-alive probes is set to the larger of the two registry key values. If this number
is 0, then keep-alive probes will not be sent. If this number is above 255, then it is adjusted to 255.

[20200220]windows設定keepalive引數.txt

相關文章