Reply
New Member
Posts: 1
Registered: ‎04-11-2017
Kudos: 1

Unifi Controller - High amount of close_wait, time_wait, fin_wait_2

I am running a controller on a dedicated VM and it is version 5.4.11.  The APs are at another facility so adopotion is handled via the Internet.  I currently have only 4 UniFi AP-AC-Lite APs adopted however I am noticing a lot of close_wait, time_wait, fin_wait_2 on my controller.  

 

I tried to recently add two more units and they never showed up on the controller.  I verified the inform address multiple times, verified connectivity from APs with ping, verified firewall logs for inbound 8080 sessions from APs and everything looks good.  The traffic was getting through however the controller never picked them up so I could adopt.  This is what led me to netstat and checking connections so the issue may be related or may not be however, I wanted to see if anyone had experience with this before because I am at a stalemate.  Any help would be much appreciated!

New Member
Posts: 18
Registered: ‎05-25-2015
Kudos: 69

Re: Unifi Controller - High amount of close_wait, time_wait, fin_wait_2

I have something similar happening but only when I run the controller in Docker in bridge mode, which uses the docker-proxy application.

 

What happens is that any remote UAPs (coming in via NAT on 8080 on my Mikrotik router) leave FIN_WAIT2 and CLOSE_WAIT connection statuses (about 25,000 of each) after a few days.

 

This does NOT happen for local UAPs, nor does it happen if I use host networking in docker.

 

Very odd, for now I have that workaround but one day I may have time to investigate.

New Member
Posts: 3
Registered: ‎02-05-2016

Re: Unifi Controller - High amount of close_wait, time_wait, fin_wait_2

Hi!

I have a similar problem where I host a Unifi Controller on Debian behinde Mikrotik Firewall NAT for my customers. About 100 sites with 500 devices.
Due to many heartbeat missed states of devices on all sites I checked the firewall and recognized many tcp close wait states. Also the input drop rule for invalid connections rise very quickly, all coming to port 8080 from customer sites.
Did you find a solution @rwojo?

Interesting is also the laggy network on other services, like mail or winbox access from outside. It requires many attempts to get an email out or connect. Teamviewer also only works if I get lucky.

What I have to check is if the system works if I replace the Mikrotik with another firewall.
Senior Member
Posts: 23,521
Registered: ‎08-04-2017
Kudos: 4464
Solutions: 1156

Re: Unifi Controller - High amount of close_wait, time_wait, fin_wait_2

Hello @itempire,

 

I believe I heard someone else post that it's a issue with one of the mikrotik firmware versions.

 

 

Regards,

Glenn R.

Cloud Hosted Controllers | Glenn R. | UniFi Installation/Easy Update Scripts | UniFi-Video Installation Scripts | UniFi-VoIP Installation Scripts
USG-XG-8 • USG-4-PRO • USG
US-XG-16 • US-48-500W • US-24-POE-250W 2x • US-16-POE-150W 3x • US-24 • US-8-150W • US-8
UAP XG • UAP-SHD • UAP-HD • UAP-NanoHD 2x • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M • UAP-AC-M-PRO 2x
UAS-XG • UCK-G2-PLUS • UCK-G2 • UCK
New Member
Posts: 18
Registered: ‎05-25-2015
Kudos: 69

Re: Unifi Controller - High amount of close_wait, time_wait, fin_wait_2

I have not found a solution other than to not run it in Docker on my NAS in host mode (instead of bridge mode).

New Member
Posts: 3
Registered: ‎02-05-2016

Re: Unifi Controller - High amount of close_wait, time_wait, fin_wait_2

here i posted on mikrotik forums, is that the same experience as i have?

https://forum.mikrotik.com/viewtopic.php?f=2&t=146391

Highlighted
New Member
Posts: 18
Registered: ‎05-25-2015
Kudos: 69

Re: Unifi Controller - High amount of close_wait, time_wait, fin_wait_2

Interesting. I don't have any other issues related to my MikroTik at all so I don't think I have the same issue as that thread describes. 

 

Mine seems mire more related to running the UniFi controller in docker in different networking modes. 

 

When unifi has had issues as well, I didn't have any other related issues on my network. Just unifi. 

Reply