Error: possible SYN flooding
Tobias Eichelbrönner
tobias.eichelbroenner at lamp-solutions.de
Tue Aug 13 12:35:36 CEST 2013
Hi,
> I could not find anything at Google. May somebody give me tips how to
> resolve this issue?
If you have many connections to your loadbalancer, a slow backend and a
low cache hitrate the number of connection hold open may cause problems.
My first step would be to check if the number of syn-connections fits to
the number of connections
so if
netstat -nap | grep SYN | wc -l
is high compared to the number of requests per second maybe this is a
real SYN flood attack after all.
I checked on a system of my own serving about 70 req/s the number of
open syn requests is always below 10.
If there is no attack and you cannot speed up your backend or increase
the cache hitrate, maybe you can use dns round robin to split the
requests between more than one load balancer.
Sincerely,
Tobias
--
LAMP solutions GmbH
Gostenhofer Hauptstrasse 35
90443 Nuernberg
Amtsgericht Nuernberg: HRB 22366
Geschaeftsfuehrer: Heiko Schubert
Es gelten unsere allgemeinen Geschaeftsbedingungen.
http://www.lamp-solutions.de/agbs/
Telefon : 0911 / 376 516 0
Fax : 0911 / 376 516 11
E-Mail : support at lamp-solutions.de
Web : www.lamp-solutions.de
Facebook : http://www.facebook.com/LAMPsolutions
Twitter : http://twitter.com/#!/lampsolutions
More information about the varnish-misc
mailing list