On Thu, Apr 19, 2001 at 07:49:45AM +0800, Andrew Chan wrote:
> Greetings,
>
> I am running a relaying sendmail box and I would like it to be able to
> handle up to 600 or so concurrent (incoming or outgoing) connections.
>
> I tried that and discovered that TONS of incoming connections are stuck at
> SYNC_RECV state. It is like the sendmail box received these port 25
> connection attempts and then didn't know what to do with them.
Such sockets don't make it to accept() -- the TCP connection
setup is a three-way handshake, and SYN_RECV is just indication
of the reception of the first part of it:
1) local <------- SYN ---------- remote
2) local -------- ACK,SYN -----> remote
3) local <------- ACk,ACK ------ remote
Each of those SYN_RECV sockets have done 2, but have never
heard back. In normal case the state 3 is reached by 1.5
times the roundtrip time between the two systems. (Presuming
symmetric delays.)
There is finite size queue of sockets that can sit in this
particular state waiting for full open (3), after which the
user programs can then get the sockets with accept().
It may be so called 'SYN-attack', although it might just as
well be routing blackhole somewhere.
Look for documents regarding SYN-Cookies, and how to enable them.
( I.e. what values mean what at:
/proc/sys/net/ipv4/tcp_syncookies )
> I suspect I need to tune some of the TCP parameters so that the system can
> handle many short lived TCP connections in an efficent manner. Any pointer
> to this specific issue or general TCP tunning under Linux (2.4.2-ac28
> kernel) will be most appreciated.
>
> Thanks.
>
> Andrew
/Matti Aarnio
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Apr 23 2001 - 21:00:30 EST