[OpenSIPS-Users] CentOS7: Possible SYN flooding on port 5061
Alexey Vasilyev
alexei.vasilyev at gmail.com
Wed Sep 25 03:49:27 EDT 2019
Hi,
When switching Backup->Active with a lot of TLS clients I got this message
on CentOS 7:
kernel: TCP: request_sock_TCP: Possible SYN flooding on port 5061. Sending cookies.
It is described, for example, here: https://access.redhat.com/solutions/30453
and is related to the socket backlog limit.
It's not a problem to increase the kernel limit:
sysctl -w net.core.somaxconn=2048
But the question is about OpenSIPS. What do you think, is this enough?
https://github.com/OpenSIPS/opensips/blob/ca75c705a4d74a06aec8ffe6d6e5d5c5e6fb97d6/net/tcp_conn.h#L46
/*!< TCP listen backlog count */
#define DEFAULT_TCP_LISTEN_BACKLOG 10
If we have thousands of TLS/TCP connections at the same time and, for example,
32 processes, we'll have only a 10*32=320 socket backlog limit for
OpenSIPS? Is this right?
Should it be increased?
-----
---
Alexey Vasilyev
--
Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html
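
A diagnostic for the backlog question in the post above, added here as an example; it is not part of the original message or of OpenSIPS. For a LISTEN socket, `ss -ltn` reports the current accept-queue length in Recv-Q and the effective limit in Send-Q, which Linux sets to min(listen() backlog argument, net.core.somaxconn). The helper name `check_backlog` and the sample `ss` output are assumptions constructed for illustration.

```shell
#!/bin/sh
# check_backlog PORT SOMAXCONN  (hypothetical helper; reads `ss -ltn` output on stdin)
# Reports, per listener on PORT, the queue depth, the effective limit, and
# whether the application's listen() argument or the sysctl is the binding cap.
check_backlog() {
    awk -v port="$1" -v somax="$2" '
        $1 != "LISTEN" { next }              # skip the header and non-listening rows
        {
            n = split($4, a, ":")            # port is the last ":" field (works for IPv6)
            if (a[n] + 0 != port + 0) next
            queued = $2 + 0; limit = $3 + 0
            # limit below somaxconn: the listen() argument is what caps the queue,
            # so raising net.core.somaxconn alone changes nothing for this socket
            cap = (limit < somax + 0) ? "app-capped" : "at-somaxconn"
            state = (queued >= limit) ? "FULL" : "ok"
            printf "%s queued=%d limit=%d %s %s\n", $4, queued, limit, cap, state
        }'
}

# Constructed sample output (documentation addresses), not captured from a real host.
sample_ss_output() {
    cat <<'EOF'
State      Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN     11     10     192.0.2.10:5061      *:*
LISTEN     0      10     [2001:db8::10]:5061  [::]:*
LISTEN     0      128    *:22                 *:*
LISTEN     3      2048   192.0.2.11:5061      *:*
EOF
}

# On a live server: ss -ltn | check_backlog 5061 "$(sysctl -n net.core.somaxconn)"
sample_ss_output | check_backlog 5061 2048
```

A listener shown as `app-capped` keeps its small limit after `sysctl -w net.core.somaxconn=2048`; the backlog value passed to listen() has to be raised as well.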