lots of connections in SYN_RECV state

Puneet Agarwal puneet.agr at outlook.com
Fri Nov 7 12:41:26 EST 2014


I use Linux kernel 2.6. I have enabled SYN cookies already, but that does not seem to solve the problem. Overall request latency is very high with this many half-open connections.

Thanks and Regards
Puneet
----------------------------------------
> Subject: Re: lots of connections in SYN_RECV state
> From: dave.jing.tian at gmail.com
> Date: Fri, 7 Nov 2014 23:49:35 +0800
> CC: puneet.agr at outlook.com; kernelnewbies at kernelnewbies.org
> To: me at sillymon.ch
>
> The latest kernel provides a TCP SYN cookie feature to defend against SYN flooding.
>
> -daveti
>
>
>> On Nov 6, 2014, at 11:58 PM, Silvan Jegen <me at sillymon.ch> wrote:
>>
>> 2014-11-06 16:15,Puneet Agarwal:
>>> Is there a way to check the reason, why they do not answer to the
>>> SYN-ACK's?
>>
>> I don't think so. After all, they just don't answer and they won't tell
>> you why (AFAIK there is no way to ask them why either)...
>>
>> You could try to check for patterns in the incoming IP addresses to see
>> from how many different places these connections are being made. I think
>> that way it should be possible to figure out from which geographic
>> location these problematic connections are coming from as well. What you
>> would do with these findings I am not sure though.
>>
>> If these connections negatively impact the performance of your servers
>> you should definitely look into the countermeasures mentioned in the RFC
>> here.
>>
>> http://tools.ietf.org/html/rfc4987
>>
>>
>> _______________________________________________
>> Kernelnewbies mailing list
>> Kernelnewbies at kernelnewbies.org
>> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
>
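
The source-address check suggested in the thread, as an added example that is not part of the original messages: it groups SYN_RECV entries in `/proc/net/tcp` format by remote address and by /24. The sample rows are constructed, and the decoding assumes IPv4 on a little-endian host.

```python
import ipaddress
import socket
import struct
from collections import Counter

SYN_RECV = 0x03  # value of TCP_SYN_RECV in the "st" column

# Constructed sample in /proc/net/tcp layout; addresses are documentation ranges.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100000A:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100000A:0050 0A0200C0:C001 03 00000000:00000000 01:00000120 00000002     0        0 0
   2: 0100000A:0050 0A0200C0:C002 03 00000000:00000000 01:00000120 00000002     0        0 0
   3: 0100000A:0050 0B0200C0:9C40 03 00000000:00000000 01:00000120 00000003     0        0 0
   4: 0100000A:0050 0C0200C0:9C41 03 00000000:00000000 01:00000120 00000001     0        0 0
   5: 0100000A:0050 076433C6:D431 03 00000000:00000000 01:00000120 00000002     0        0 0
   6: 0100000A:0050 057100CB:E2A4 01 00000000:00000000 00:00000000 00000000    33        0 1002
"""

def syn_recv_peers(text):
    """Return the remote IPv4 address of every socket in SYN_RECV."""
    peers = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != SYN_RECV:
            continue
        raw = int(fields[2].split(":")[0], 16)
        # Assumption: little-endian host (x86), so the hex word is byte-swapped.
        peers.append(socket.inet_ntoa(struct.pack("<I", raw)))
    return peers

def summarize(peers, prefix=24):
    """Count half-open connections per source address and per /prefix network."""
    by_ip = Counter(peers)
    by_net = Counter(
        str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False)) for ip in peers
    )
    return by_ip, by_net

if __name__ == "__main__":
    # On the server, pass open("/proc/net/tcp").read() instead of SAMPLE.
    by_ip, by_net = summarize(syn_recv_peers(SAMPLE))
    print("distinct sources:", len(by_ip))
    for net, count in by_net.most_common():
        print(f"{count:6d}  {net}")
```

Counts concentrated in a few prefixes point to sources that can be filtered or rate-limited upstream; counts spread thinly over many unrelated networks are consistent with the spoofed-source floods that RFC 4987 describes.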