Re: Maximum sockets & a SYN question

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Thu Mar 09 2000 - 21:41:06 EST


> How many tcp sockets (outgoing and incoming) can a process create/manage?

How much memory do you have?

From about 2.2.12 onwards the default is 1024 file descriptors per process
configurable via /proc/sys and rlimit to higher values.

Your real constraints are more likely to be the scalability of poll() if
it is using poll/select [poll scales better than select in 2.2.x] and the
memory footprint per socket (reckon on 64K of system resources average
per socket - it's a bit high but armwaving is best done upwards not downwards)

> Is there a way to adjust the amount of time an un-ACKed SYN will remain in
> the queue to be processed?

With syn cookies that is a meaningless question. When syn cookies kick in the
following occurs:

        The received syn frame is processed.
        If the frame is valid a cookie is constructed holding the state
        The cookie is embedded into the sequence space field
        The syn|ack is sent

We then totally discard and forget about the connection. We have no stored
state for it.

        When the ack comes back we can use the cookie to verify this is
                a valid new connection
        We then extract the cookie, the port numbers and other data from the
        ACK frame and build a socket structure.

You cannot syn flood a SYN cookie system. The price you pay is loss of options
and some detail. Squashing the cookie into a small number of bits requires we
throw away the PAWS, SACK and time stamping features on such connections as well
as using a limited range of MSS values.

Alan
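
Added example, not part of the message above and not the Linux kernel's code: a minimal stateless cookie that follows the steps described (build on SYN, forget, verify on ACK, recover a table MSS). The bit layout (5-bit counter, 3-bit MSS index, 24-bit keyed hash), the MSS table values, and the names `cookie_make`, `cookie_check` and `mix` are assumptions, and `mix` is a non-cryptographic stand-in for the keyed hash a real stack would use.

```c
#include <stdint.h>

/* Constructed MSS table: only 3 cookie bits are available, so 8 values (assumed). */
static const uint16_t mss_table[8] = {216, 536, 768, 996, 1024, 1220, 1440, 1460};

struct flow { uint32_t saddr, daddr; uint16_t sport, dport; };

/* Stand-in keyed mixer (FNV-1a style), truncated to 24 bits.
 * NOT cryptographically secure; it only illustrates binding the cookie to the flow. */
static uint32_t mix(const struct flow *f, uint32_t t, uint32_t secret)
{
    uint32_t w[5] = { f->saddr, f->daddr, ((uint32_t)f->sport << 16) | f->dport, t, secret };
    uint32_t h = 2166136261u;
    for (int i = 0; i < 5; i++)
        for (int b = 0; b < 4; b++) {
            h ^= (w[i] >> (8 * b)) & 0xffu;
            h *= 16777619u;
        }
    return h & 0x00ffffffu;
}

/* Largest table entry not exceeding the client's MSS: the "limited range". */
static unsigned mss_to_index(uint16_t mss)
{
    unsigned i = 7;
    while (i > 0 && mss_table[i] > mss)
        i--;
    return i;
}

/* SYN received: the return value is sent as the SYN|ACK sequence number.
 * Nothing is stored; there is no room for SACK or timestamp state either. */
uint32_t cookie_make(const struct flow *f, uint16_t mss, uint32_t t, uint32_t secret)
{
    return ((t & 31u) << 27) | ((uint32_t)mss_to_index(mss) << 24) | mix(f, t & 31u, secret);
}

/* ACK received: caller passes cookie = ack_seq - 1. Returns the MSS, or 0 if stale/forged. */
uint16_t cookie_check(const struct flow *f, uint32_t cookie, uint32_t now, uint32_t secret, uint32_t max_age)
{
    uint32_t t = cookie >> 27;                       /* 5-bit counter from the cookie */
    if (((now - t) & 31u) > max_age) return 0;       /* too old */
    if ((cookie & 0x00ffffffu) != mix(f, t, secret)) return 0; /* wrong flow or forged */
    return mss_table[(cookie >> 24) & 7u];
}
```

A client MSS of 1400 comes back as 1220 here, which is the loss of detail the message refers to.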
