Re: [squid-users] code red is making horrible on our network

From: Robin Stevens <robin.stevens@dont-contact.us>
Date: Mon, 13 Aug 2001 11:41:45 +0100

On Sat, Aug 11, 2001 at 05:18:00PM +0200, Alexander Pressman wrote:
> Hi All !
>
> I think I find the solution & the problem
>
> echo 2048 >>/proc/sys/net/ipv4/tcp_max_syn_backlog
> because its only 128 by default
>
> sockets are flooded

I suspect this is less of a problem for those with Linux v2.4 kernels and
more than 128MB RAM, since according to the documentation:

: tcp_max_syn_backlog - INTEGER
: Maximal number of remembered connection requests, which are
: still did not receive an acknowledgement from connecting client.
: Default value is 1024 for systems with more than 128Mb of memory,
: and 128 for low memory machines. If server suffers of overload,
: try to increase this number. Warning! If you make it greater
: than 1024, it would be better to change TCP_SYNQ_HSIZE in
: include/net/tcp.h to keep TCP_SYNQ_HSIZE*16<=tcp_max_syn_backlog
: and to recompile kernel.

Even so, I guess this could still be a problem under extreme conditions.

The documentation leaves me slightly confused. TCP_SYNQ_HSIZE appears to be
set to 512 by default, but 16*512 is rather greater than 1024. Any kernel
gurus understand this better than I do?

-- 
--------------- Robin Stevens  <robin.stevens@oucs.ox.ac.uk> -----------------
Oxford University Computing Services ----------- Web: http://www.cynic.org.uk/
------- (+44)(0)1865: 273212 (work) 273275 (fax)  Mobile: 07776 235326 -------
Received on Mon Aug 13 2001 - 04:41:47 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:36 MST