[OpenSIPS-Users] CentOS7: Possible SYN flooding on port 5061
Bogdan-Andrei Iancu
bogdan at opensips.org
Thu Sep 26 10:14:51 EDT 2019
Hi Alexey,
see https://opensips.org/Documentation/Script-CoreParameters-2-4#toc67
I see no reason why not trying to increase the value - at the end this
will probably translate into a larger buffer attached by the kernel to
the listening socket.
So, just give it a try.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
https://www.opensips-solutions.com
OpenSIPS Summit 2019
https://www.opensips.org/events/Summit-2019Amsterdam/
On 9/25/19 10:49 AM, Alexey Vasilyev wrote:
> Hi,
>
> When switching Backup->Active with a lot of TLS clients I got this message
> on CentOS 7:
> kernel: TCP: request_sock_TCP: Possible SYN flooding on port 5061. Sending
> cookies.
>
> It is described for example here https://access.redhat.com/solutions/30453
>
> And related to socket backlog limit.
>
> It's not a problem to increase kernel limit:
> sysctl -w net.core.somaxconn=2048
>
> But the question is about OpenSIPS. What do you think, is this enough?
> https://github.com/OpenSIPS/opensips/blob/ca75c705a4d74a06aec8ffe6d6e5d5c5e6fb97d6/net/tcp_conn.h#L46
>
> /*!< TCP listen backlog count */
> #define DEFAULT_TCP_LISTEN_BACKLOG 10
>
> If we have thousands TLS/TCP connections at the same time, and for example
> 32 processes, so we'll have only 10*32=320 socket backlog limit for
> OpenSIPS? Is this right?
>
> Should it be increased?
>
>
>
> -----
> ---
> Alexey Vasilyev
> --
> Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list