A keepalive (KA) is a message sent by one device to another to check that the link between the two is operating, or to prevent the link from being broken.
Once a TCP connection has been established, that connection is defined to be valid until one side closes it. Once the connection has entered the connected state, it will remain connected indefinitely. But in reality the connection will not last indefinitely. Most firewall or NAT systems will close a connection if there has not been any activity in some time period. The Keep Alive signal can be used to trick intermediate hosts to not close the connection due to inactivity. It is also possible that one host is no longer listening (e.g. application or system crash). In this case the connection is closed, but no ```FIN``` was ever sent. In this case a KeepAlive packet can be used to interrogate a connection to check if it is still intact.
A keepalive signal is often sent at predefined intervals, and plays an important role on the Internet. After a signal is sent, if no reply is received the link is assumed to be down and future data will be routed via another path until the link is up again. A keepalive signal can also be used to indicate to Internet infrastructure that the connection should be preserved. Without a keepalive signal, intermediate NAT-enabled routers can drop the connection after timeout.
Since the only purpose is to find links that don't work or to indicate connections that should be preserved, keepalive messages tend to be short and not take much bandwidth. However, their precise format and usage terms depend on the communication protocol.
Transmission Control Protocol (TCP) keepalives are an optional feature, and if included must default to off. The keepalive packet contains no data. In an Ethernet network, this results in frames of minimum size (64 bytes). There are three parameters related to keepalive:
- Keepalive time is the duration between two keepalive transmissions in idle condition. TCP keepalive period is required to be configurable and by default is set to no less than 2 hours.
- Keepalive interval is the duration between two successive keepalive retransmissions, if acknowledgement to the previous keepalive transmission is not received.
- Keepalive retry is the number of retransmissions to be carried out before declaring that remote end is not available
When two hosts are connected over a network via TCP/IP, TCP Keepalive Packets can be used to determine if the connection is still valid, and terminate it if needed.
Most hosts that support TCP also support TCP Keepalive. Each host (or peer) periodically sends a TCP packet to its peer which solicits a response. If a certain number of keepalives are sent and no response (ACK) is received then the sending host will terminate the connection from its end. If a connection has been terminated due to a TCP Keepalive time-out and the other host eventually sends a packet for the old connection, the host that terminated the connection will send a packet with the RST flag set to signal the other host that the old connection is no longer active. This will force the other host to terminate its end of the connection so a new connection can be established.
Typically TCP Keepalives are sent every 45 or 60 seconds on an idle TCP connection, and the connection is dropped after 3 sequential ACKs are missed. This varies by host, e.g. by default Windows PCs send the first TCP Keepalive packet after 7200000ms (2 hours), then sends 5 Keepalives at 1000ms intervals, dropping the connection if there is no response to any of the Keepalive packets.
Keepalive on higher layers
Since TCP keepalive is optional, various protocols (e.g. SMB and TLS) implement their own keep-alive feature on top of TCP. It is also common for protocols which maintain a session over a connectionless protocol, e.g. OpenVPN over UDP, to implement their own keep-alive.
The Hypertext Transfer Protocol uses the keyword "Keep-Alive" in the "Connection" header to signal that the connection should be kept open for further messages (this is the default in HTTP 1.1, but in HTTP 1.0 the default was to use a new connection for each request/reply pair). Despite the similar name, this function is entirely unrelated.
"Keep-alive" devices are used in automotive repair to maintain battery voltage for devices in the vehicle when the battery is disconnected or changed, usually by plugging in a small battery to the vehicle's 12 volt power outlet. A typical application is preventing the vehicle's radio or other device from going to "code" mode (security lockout) during vehicle repair. Typically a lower voltage source, such as a 9–volt battery, is sufficient for the purpose.
Electric clocks often have battery-powered keep-alive circuits to maintain time and other settings during a power outage. Some electronic devices use a capacitor circuit to maintain volatile memory when the user changes the battery.
- Braden, Robert T. (October 1989). "Requirements for Internet Hosts - Communication Layers". IETF. Retrieved November 8, 2013.
- 3.1.1 Packet format. IEEE Standard for Ethernet, 802.3-2015 – section one. 2016. p. 108. doi:10.1109/IEEESTD.2016.7428776. ISBN 978-1-5044-0078-7.
- "Using TCP keepalive under Linux". tldp.org. Retrieved 2016-07-29.
- "Protocol Standard for a NetBIOS Service on a TCP/UDP Transport: Concepts and Methods". IETF. March 1987. Retrieved June 18, 2015.
- Williams, Michael; Tüxen, Michael; Seggelmann, Robin (February 2012). "Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension". IETF. Retrieved June 18, 2015.
- "OpenVPN manual page". Retrieved June 18, 2015.
- "HTTP Keep Alive discourse by Jim Driscoll". Archived from the original on 2010-08-13.