TCP Keepalive: How Does a Server Detect Dead Connections?

Introduction

A server may maintain an open connection with a client for hours, even though the client has disconnected from the network or closed the application without properly terminating the connection.

If the server fails to detect this situation, these inactive connections can continue consuming valuable system resources. This is where TCP Keepalive comes into play.

What Is TCP Keepalive?

TCP Keepalive is a mechanism built into the TCP protocol that periodically sends small probe packets to verify whether the remote endpoint is still reachable.

If no response is received after several attempts, the connection is considered dead and is automatically closed.

How Does TCP Keepalive Work?

The process typically follows these steps:

1. The connection remains idle for a predefined period.
2. The operating system sends a TCP Keepalive probe.
3. If the remote host responds, the connection remains active.
4. If there is no response, additional probes are sent.
5. After a configured number of failed attempts, the connection is terminated.

Why Is TCP Keepalive Important?

Resource Management

Closes stale or abandoned connections, freeing server resources.

Improved Application Stability

Prevents dead connections from accumulating and affecting overall system performance.

Support for Long-Lived Connections

Essential for applications that maintain persistent TCP sessions.

Common Use Cases

TCP Keepalive is widely used in:

• Database servers
• VPN connections
• SSH sessions
• WebSocket applications
• Chat and messaging platforms
• Network proxies and load balancers

TCP Keepalive vs. Heartbeat

Although they serve similar purposes, they operate at different layers.

TCP Keepalive works at the TCP protocol level, verifying that the network connection still exists.

Heartbeat, on the other hand, is an application-level message used to confirm that the service itself is functioning correctly—not just that the connection remains open.

Best Practices

To get the most from TCP Keepalive:

• Configure timeout intervals based on your application's requirements.
• Avoid excessively short intervals that generate unnecessary network traffic.
• Continuously monitor the number of active and idle connections.
• Tune operating system Keepalive parameters for production workloads when needed.

FAQ

Does TCP Keepalive increase network traffic?

Only slightly. Keepalive packets are very small and are transmitted infrequently, making their impact on network bandwidth minimal.

Is TCP Keepalive enabled by default?

It depends on the operating system and the application's configuration. Many systems support it, but it often needs to be explicitly enabled or tuned.

Conclusion

TCP Keepalive helps servers detect stale or abandoned TCP connections, allowing them to reclaim resources and maintain application stability. It is especially valuable for services that rely on long-lived connections, such as databases, VPNs, SSH, WebSockets, and other persistent network applications.