Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,991 questions
That's ok thank you, I have asked the question via Azure portal.
TCP Connections dropped after approx 5 mins of inactivity
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 4%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Mike Taylor
116
Reputation points
I have the idle timeout set to 20 minutes. However, tests with a Python TCP client talking to a a Python TCP server using "epoll", give me an issue when the idle time is roughly 5 minutes of inactivity. I loose the last packet sent, and get an error thrown from the client when after 10 minutes it tries to close the connection, as follows:-
Traceback (most recent call last):
File "atlas_client.py", line 121, in <module>
make_connection()
File "atlas_client.py", line 111, in make_connection
skt.shutdown(socket.SHUT_RDWR)
OSError: [Errno 107] Transport endpoint is not connected
Running this test locally on my Ubuntu VM, gives no such issue.
I am a bit of a loss as to what to try. I can (I believe) force keep-alive packets, however on a 4g connection when we are paying for each and every byte sent/received I don't really want to do this.
How can I tell whether this is an Azure firewall issue, Ubuntu VM or a problem with my code?
Accepted answer
-
Mike Taylor 116 Reputation points
2020-11-16T19:17:57.58+00:00 -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 36%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SaiKishor-MSFT 17,236 Reputation points2020-11-17T01:08:22.71+00:00 Thank you Mike.
Sign in to comment -
9 additional answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 69%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Cristian SPIRIDON 4,481 Reputation points2020-11-05T22:55:35.793+00:00 I think this is because Azure firewall:
https://learn.microsoft.com/en-us/azure/firewall/firewall-faqCheck the paragraph for "TCP Idle Timeout".
Hope that help
-
Khurram Rahim 1,841 Reputation points2020-11-06T20:14:12.443+00:00 https://serverfault.com/questions/981969/dropped-idle-connection-after-5-minutes
Please check mention link i hope it may help you
-
SaiKishor-MSFT 17,236 Reputation points
2020-11-06T07:12:25.507+00:00 A standard behavior of a network firewall is to ensure TCP connections are kept alive and to promptly close them if there's no activity. Azure Firewall TCP Idle Timeout is four minutes. This setting isn't configurable. If a period of inactivity is longer than the timeout value, there's no guarantee that the TCP or HTTP session is maintained.
A common practice is to use a TCP keep-alive. This practice keeps the connection active for a longer period. For more information, see the .NET examples. As given in the doc- https://learn.microsoft.com/en-us/azure/firewall/firewall-faqHope this helps. Please let us know if you need any further assistance. Thank you!
-
Mike Taylor 116 Reputation points
2020-11-06T09:27:01.707+00:00 Just so I understand...
So although the TCP idle timeout is set at 30 minutes (according to the IP configuration on Azure), the network firewall will close in-active sessions after 4 minutes of inactivity (where keep-alives haven't been set).
We have GPRS devices (which we have been using for years) that have no ability to set "keep-alives", can we set this server side (on the Azure VM) to keep the session active?
-
SaiKishor-MSFT 17,236 Reputation points
2020-11-06T17:44:56.367+00:00 Can you confirm where you set the TCP idle timeout to 30 minutes?
You can implement a script on the Azure VM for keepalives, however, there is no managed service on Azure side to do the same. -
Mike Taylor 116 Reputation points
2020-11-09T11:42:18.94+00:00 Please see below for screenshot
Sign in to comment -