因为这是Nginx的背后.这是否意味着Nginx充当反向代理？如果是这种情况,那么您的连接是2x(一个连接到客户端,一个连接到Web服务器).你知道这些插座属于哪一端吗？

更新：
fin_timeout是它们在FIN-WAIT-2中停留的时间(来自内核文档中的networking / ip-sysctl.txt)：

tcp_fin_timeout - INTEGER
        Time to hold socket in state FIN-WAIT-2,if it was closed
        by our side. Peer can be broken and never close its side,or even died unexpectedly. Default value is 60sec.
        Usual value used in 2.2 was 180 seconds,you may restore
        it,but remember that if your machine is even underloaded WEB server,you risk to overflow memory with kilotons of dead sockets,FIN-WAIT-2 sockets are less dangerous than FIN-WAIT-1,because they eat maximum 1.5K of memory,but they tend
        to live longer. Cf. tcp_max_orphans.

我想你可能只需要让Linux保持TIME_WAIT套接字号码看起来可能是32k上限,这就是Linux回收它们的地方.在这个link中提到了这个32k：

Also,I find the
/proc/sys/net/ipv4/tcp_max_tw_buckets
confusing. Although the default is set
at 180000,I see a TCP disruption when
I have 32K TIME_WAIT sockets on my
system,regardless of the max tw
buckets.

此链接还表明TIME_WAIT状态为60秒,无法通过proc调整.

随意有趣的事实：
您可以使用netstat -on |在每个套接字上使用netstat查看timewait上的计时器grep TIME_WAIT |减

重用Vs回收：
这些都很有趣,它看起来像重用,可以重用time_Wait套接字,而循环使它进入TURBO模式：

tcp_tw_recycle - BOOLEAN
        Enable fast recycling TIME-WAIT sockets. Default value is 0.
        It should not be changed without advice/request of technical
        experts.

tcp_tw_reuse - BOOLEAN
        Allow to reuse TIME-WAIT sockets for new connections when it is
        safe from protocol viewpoint. Default value is 0.
        It should not be changed without advice/request of technical
        experts.

我不建议使用net.ipv4.tcp_tw_recycle,因为它会导致NAT客户端出现问题.

也许你可能试着不打开这两个并看看它有什么效果(一次尝试一个,看看它们是如何自行工作的)？我会用netstat -n | grep TIME_WAIT | wc -l比Munin更快的反馈.