lots of connections in SYN_RECV state

Puneet Agarwal puneet.agr at outlook.com
Fri Nov 7 21:05:30 EST 2014


These connections are from outside the network, and the IPs are legitimate ones which should be connecting.
I don't know whether the IPs which I could see are the real ones or spoofed ones.

sysctl -a says
net.ipv4.tcp_syncookies = 1

cat /proc/sys/net/ipv4/tcp_syncookies also gives 1

Isn't this sufficient to enable syncookies?

Thanks and Regards
Puneet
----------------------------------------
> To: puneet.agr at outlook.com
> CC: dave.jing.tian at gmail.com; me at sillymon.ch; kernelnewbies at kernelnewbies.org
> Subject: Re: lots of connections in SYN_RECV state
> From: Valdis.Kletnieks at vt.edu
> Date: Fri, 7 Nov 2014 13:10:05 -0500
>
> On Fri, 07 Nov 2014 23:11:26 +0530, Puneet Agarwal said:
>
>> I use linux kernel 2.6. I have enabled SYN cookies already. But that does not
>> seem to solve the problem. Overall request latency is very high with these many
>> half open connections.
>
> So, out of curiosity, where are all these half open connections coming
> from? Are they from addresses in your local network? Outside sites that
> *should* be connecting? Places you've never heard of and probably *shouldn't*
> be connecting?
>
> (Also, if you have properly implemented syncookies, you shouldn't *have* any
> half-open connections. That's the whole point of syncookies....)
>
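
Added example, not part of the original thread: with `net.ipv4.tcp_syncookies = 1` the kernel sends cookies only once a listening socket's SYN backlog overflows, so the sysctl value alone does not show that cookies are in use. The sketch below counts SYN_RECV entries per remote address from `/proc/net/tcp`-format text and reads the `SyncookiesSent` counter from `/proc/net/netstat`-format text; the sample data and function names are constructed for illustration, and the address decoding assumes a little-endian host.

```python
import socket
import struct
from collections import Counter

# Constructed sample in /proc/net/tcp format (columns after "st" trimmed).
SAMPLE_TCP = """\
  sl  local_address rem_address   st
   0: 0A00000A:0050 00000000:0000 0A
   1: 0A00000A:0050 0A0200C0:C001 03
   2: 0A00000A:0050 0A0200C0:C002 03
   3: 0A00000A:0050 076433C6:D431 03
   4: 0A00000A:0050 057100CB:9C40 01
"""

# Constructed sample in /proc/net/netstat format (most TcpExt fields omitted).
SAMPLE_NETSTAT = """\
TcpExt: SyncookiesSent SyncookiesRecv SyncookiesFailed ListenOverflows ListenDrops
TcpExt: 0 0 0 0 0
IpExt: InOctets OutOctets
IpExt: 1000 2000
"""

SYN_RECV = "03"  # TCP state code used in /proc/net/tcp


def syn_recv_by_peer(tcp_text):
    """Count SYN_RECV entries per remote IPv4 address."""
    peers = Counter()
    for line in tcp_text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 4 or fields[3] != SYN_RECV:
            continue
        hex_ip = fields[2].split(":")[0]
        # Assumption: little-endian host (x86), where the address is printed byte-swapped.
        peers[socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))] += 1
    return peers


def tcpext_counters(netstat_text):
    """Return the TcpExt header/value line pair as a dict of ints."""
    rows = [l.split() for l in netstat_text.splitlines() if l.startswith("TcpExt:")]
    return dict(zip(rows[0][1:], map(int, rows[1][1:])))


def cookies_in_use(netstat_text):
    """True only if the kernel has actually answered SYNs with cookies."""
    return tcpext_counters(netstat_text)["SyncookiesSent"] > 0


if __name__ == "__main__":
    print(syn_recv_by_peer(SAMPLE_TCP).most_common())
    print("cookies in use:", cookies_in_use(SAMPLE_NETSTAT))
```

On a live host, pass the contents of `/proc/net/tcp` and `/proc/net/netstat` to the two functions instead of the samples.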
 		 	   		  

