[rhn-users] TIME_WAIT sockets - Tech Challenge question

Kvetch kvetch at gmail.com
Fri Jun 3 14:48:29 UTC 2005


I was tweaking one of our web servers and remembered last week's Tech
Challenge questions
(http://www.redhat.com/sundown/techquestion0517.html).  What I
had read about TIME_WAIT socket states is a little confusing.
I have been monitoring (netstat -ant) our TCP connections and would
see an average of roughly 1000 connections.  Usually about
800-900ish were in the TIME_WAIT state.  I have read a few times that
reusing and enabling fast recycling of the TW sockets improves
performance.  Enabling reuse and recycling definitely reduces the
total number of sockets I have, but I don't see how that can
improve performance.  After I changed the kernel settings (sysctl -w
net.ipv4.tcp_tw_reuse=1 & sysctl -w net.ipv4.tcp_tw_recycle=1) I am
seeing about 250 connections (netstat -ant|wc) and an average of
about 95 stuck in the TIME_WAIT socket.

Since the TIME_WAIT socket is the state after the server's FIN and
user's last ACK, what performance can this give?  Doesn't this just
give me the possibility of handling more connections?  Since the
socket is supposed to stay in TIME_WAIT for twice the Maximum Segment
Lifetime or 240 secs, what does setting the reuse and recycling end up
setting the 2MSL time to?  Zero?  Couldn't this mean that the user
might not get all the data they requested or their data could be mixed
up with another request?
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcp-antispoof-01.txt
The 4th answer to the TIME_WAIT socket question regards
/proc/sys/net/ipv4/tcp_max_tw_buckets; should people leave this
alone?  Isn't this the setting that helps prevent DDoS attacks?
Wouldn't changing it just open you back up to DDoS?

Sorry for all the questions, but I am still unclear on how this is
actually improving my TCP performance, if it is safe to do and isn't
it just giving me the ability to handle more connections.

Thanks,
Nick
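
The measurement described in the message above (counting TIME_WAIT sockets in `netstat -ant` output before and after changing the sysctls), as an added example that is not part of the original post. The function names and the sample netstat text are constructed for illustration; the three settings read are the ones the post names, and a key that is missing on the running kernel is reported rather than assumed.

```shell
#!/bin/sh
# Constructed sample of `netstat -ant` output (documentation-range addresses).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      TIME_WAIT
tcp        0      0 192.0.2.10:80           198.51.100.7:51240      TIME_WAIT
tcp        0      0 192.0.2.10:80           203.0.113.5:40022       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.9:40100       TIME_WAIT
tcp        0      0 192.0.2.10:80           203.0.113.9:40101       FIN_WAIT2
EOF
}

# Tally sockets per TCP state from `netstat -ant` text on stdin.
# Prints "STATE COUNT" lines plus a TOTAL line; header rows are skipped.
tcp_state_tally() {
    awk '$1 ~ /^tcp6?$/ { n[$6]++; total++ }
         END { for (s in n) printf "%s %d\n", s, n[s]
               printf "TOTAL %d\n", total }' | LC_ALL=C sort
}

# Count TIME_WAIT sockets per remote address (port stripped), busiest first.
time_wait_by_peer() {
    awk '$1 ~ /^tcp6?$/ && $6 == "TIME_WAIT" {
             peer = $5; sub(/:[0-9]+$/, "", peer); n[peer]++ }
         END { for (p in n) printf "%d %s\n", n[p], p }' | LC_ALL=C sort -rn
}

# Print the three settings named in the post; a key may be absent on some kernels.
show_tw_settings() {
    for key in tcp_tw_reuse tcp_tw_recycle tcp_max_tw_buckets; do
        f="/proc/sys/net/ipv4/$key"
        if [ -r "$f" ]; then printf '%s = %s\n' "$key" "$(cat "$f")"
        else printf '%s = (not available)\n' "$key"; fi
    done
}

# Demo on the constructed sample; on a live host use: netstat -ant | tcp_state_tally
sample_netstat | tcp_state_tally
sample_netstat | time_wait_by_peer
show_tw_settings
```

Run the tally before and after a sysctl change to compare the state mix rather than only the `wc` line count; the per-peer view shows whether the TIME_WAIT entries come from many clients or a few.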



