Linux Performance: TCP active/passive/failed connection openings
Updated: Jul 29
TCP connection status is a key metric to troubleshooting TCP related network issues. We collect four basic connection status to help you understand what these metrics mean. From these metrics, we can tell that the issue happens from server-side or client-side.
TCP connection opening status
active connections openings - This indicates the system has sent a SYN to initiate a TCP connection with a remote system. The "active" comes from the fact this system was the one who initiated the new TCP session.
passive connection openings - This occurs when the system opens a new socket after receiving the final ACK of the TCP handshake. The "passive" refers to the fact that this system was the one who received the SYN, so was not the instigator of the new TCP session.
failed connection attempts - This occurs when a socket in SYN_RECV or SYN_SENT states enters an unexpected or error path due to traffic received or sent. The most common reason for this is a TCP Reset was received into a SYN_SENT socket, indicating the other end was not listening on the destination port.
bad segments received - This occurs if we send an RFC 5691 Challenge ACK, if the TCP header is too small, if the TCP header is in the wrong place in the packet, or if there is a TCP Checksum Error.