[OpenSIPS-Users] CentOS7: Possible SYN flooding on port 5061
alexei.vasilyev at gmail.com
Wed Sep 25 03:49:27 EDT 2019
When switching Backup->Active with a lot of TLS clients I got this message
on CentOS 7:
kernel: TCP: request_sock_TCP: Possible SYN flooding on port 5061. Sending
It is described for example here https://access.redhat.com/solutions/30453
And related to socket backlog limit.
It's not a problem to increase kernel limit:
sysctl -w net.core.somaxconn=2048
But the question is about OpenSIPS. What do you think, is this enough?
/*!< TCP listen backlog count */
#define DEFAULT_TCP_LISTEN_BACKLOG 10
If we have thousands TLS/TCP connections at the same time, and for example
32 processes, so we'll have only 10*32=320 socket backlog limit for
OpenSIPS? Is this right?
Should it be increased?
Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html
More information about the Users