[OpenSIPS-Users] CentOS7: Possible SYN flooding on port 5061
bogdan at opensips.org
Thu Sep 26 10:14:51 EDT 2019
I see no reason why not trying to increase the value - at the end this
will probably translate into a larger buffer attached by the kernel to
the listening socket.
So, just give it a try.
OpenSIPS Founder and Developer
OpenSIPS Summit 2019
On 9/25/19 10:49 AM, Alexey Vasilyev wrote:
> When switching Backup->Active with a lot of TLS clients I got this message
> on CentOS 7:
> kernel: TCP: request_sock_TCP: Possible SYN flooding on port 5061. Sending
> It is described for example here https://access.redhat.com/solutions/30453
> And related to socket backlog limit.
> It's not a problem to increase kernel limit:
> sysctl -w net.core.somaxconn=2048
> But the question is about OpenSIPS. What do you think, is this enough?
> /*!< TCP listen backlog count */
> #define DEFAULT_TCP_LISTEN_BACKLOG 10
> If we have thousands TLS/TCP connections at the same time, and for example
> 32 processes, so we'll have only 10*32=320 socket backlog limit for
> OpenSIPS? Is this right?
> Should it be increased?
> Alexey Vasilyev
> Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html
> Users mailing list
> Users at lists.opensips.org
More information about the Users