LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris
User Name
Password
Solaris / OpenSolaris This forum is for the discussion of Solaris and OpenSolaris.
General Sun, SunOS and Sparc related questions also go here.

Notices

Reply
 
Search this Thread
Old 10-23-2008, 02:12 AM   #1
shan_nathan
Member
 
Registered: Jun 2007
Location: India
Distribution: Redhat
Posts: 137

Rep: Reputation: 15
High TCP connect timeout rate!


Dear all,

I am using solaris 9 on sparc hardware. In the server i am running one third party proxy serer application. mine is a big network nearly above 5,000. So the proxy is generally loaded. When i check the /var/adm/messages i am finding the following error

Oct 22 12:03:42 SunSPARC03 tcp: [ID 995438 kern.warning] WARNING: High TCP connect timeout rate! System (port 8007) may be under a SYN flood attack!Oct 22 12:03:42 SunSPARC03 tcp: [ID 995438 kern.warning] WARNING: High TCP connect timeout rate! System (port 8007) may be under a SYN flood attack!

When i get the message the proxy application not function proberly. Is there any way to configure the kernal to address the problem.

Thanks in advance,
Shan
 
Old 10-24-2008, 02:47 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by shan_nathan View Post
Dear all,

I am using solaris 9 on sparc hardware. In the server i am running one third party proxy serer application. mine is a big network nearly above 5,000. So the proxy is generally loaded. When i check the /var/adm/messages i am finding the following error

Oct 22 12:03:42 SunSPARC03 tcp: [ID 995438 kern.warning] WARNING: High TCP connect timeout rate! System (port 8007) may be under a SYN flood attack!Oct 22 12:03:42 SunSPARC03 tcp: [ID 995438 kern.warning] WARNING: High TCP connect timeout rate! System (port 8007) may be under a SYN flood attack!

When i get the message the proxy application not function proberly. Is there any way to configure the kernal to address the problem.

Thanks in advance,
Shan
If you take the warning at its word, then you should start issuing TCP SYN cookies. If that mitigates the problem, you'll need to figure-out why you were being flooded in the first place. SYN flooding isn't always caused by an intentional denial-of-service attack, it is sometimes the result of buggy client-side software, or even underlying network problems. EDIT: It could also be that the amount of legitimate traffic you have is too much for your current limits. In that case, this article would be useful to you, as it explains how to raise the relevant limits for Solaris.

Last edited by win32sux; 10-24-2008 at 04:13 PM.
 
Old 10-24-2008, 04:07 PM   #3
reddazz
Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 73
Moved: This thread is more suitable in the Solaris/OpenSolaris forum and has been moved accordingly to help your thread/question get the exposure it deserves.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to set TCP Timeout xenomage Linux - Networking 5 11-23-2009 04:08 PM
fix tcp select() with non-zero timeout for redhat 4.5 vilnius Linux - Newbie 1 10-01-2008 07:44 PM
high recv-q and send-q and collision rate sarah_haff Linux - Networking 2 08-19-2008 06:49 AM
Linux - rate of change too high? paulsiu Linux - General 4 07-02-2007 03:07 PM
refresh rate is to high ethanlindsey Linux - Hardware 1 09-23-2004 06:15 AM


All times are GMT -5. The time now is 07:26 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration