[OpenSIPS-Users] CentOS7: Possible SYN flooding on port 5061

Alexey Vasilyev alexei.vasilyev at gmail.com
Wed Sep 25 03:49:27 EDT 2019


When switching Backup->Active with a lot of TLS clients I got this message
on CentOS 7:
kernel: TCP: request_sock_TCP: Possible SYN flooding on port 5061. Sending

It is described for example here https://access.redhat.com/solutions/30453

And related to socket backlog limit.

It's not a problem to increase kernel limit:
sysctl -w net.core.somaxconn=2048

But the question is about OpenSIPS. What do you think, is this enough?

/*!< TCP listen backlog count */

If we have thousands TLS/TCP connections at the same time, and for example
32 processes, so we'll have only 10*32=320 socket backlog limit for
OpenSIPS? Is this right?

Should it be increased?

Alexey Vasilyev
Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html

More information about the Users mailing list