I'm building a new web server and load-testing it to see how many concurrent sessions it can sustain. During the load test, I found the following errors in /var/log/messages, and the Apache web server went down.
Mar 12 10:56:13 ginny kernel: possible SYN flooding on port 80. Sending cookies.
Mar 12 11:44:34 ginny kernel: possible SYN flooding on port 80. Sending cookies.
Mar 12 11:51:59 ginny kernel: possible SYN flooding on port 80. Sending cookies.
After searching, trying and testing, here is my solution.
1. Turn off iptables
$ service iptables stop
$ chkconfig iptables off
2. Edit /etc/sysctl.conf
$ vi /etc/sysctl.conf
Append the lines below to the file.
# default is 1024
net.ipv4.tcp_max_syn_backlog=4096
# default is 128
net.core.somaxconn=4096
Refresh the kernel config
$ sysctl -p
3. Restart Apache Web Server
To check the changed kernel settings:
$ cat /proc/sys/net/ipv4/tcp_max_syn_backlog
$ cat /proc/sys/net/core/somaxconn
Both values are changed.
Hope this may be useful.
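An added example, not part of the original post: a POSIX shell script that checks the two values from step 2 against 4096 and counts the kernel's SYN flooding warnings per port. The PROC_SYS variable, the function names and the port 443 log line are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original post).
# PROC_SYS is an assumption of this example so the check can be pointed at a
# copy of the sysctl tree; by default it reads the live kernel values.
PROC_SYS="${PROC_SYS:-/proc/sys}"

# check_sysctl KEY WANT: print the current value; return 1 if it is below
# WANT, 2 if the key cannot be read.
check_sysctl() {
    key=$1; want=$2
    path="$PROC_SYS/$(printf '%s' "$key" | tr . /)"
    [ -r "$path" ] || { echo "$key unreadable"; return 2; }
    cur=$(cat "$path")
    if [ "$cur" -ge "$want" ]; then echo "$key=$cur ok"; return 0; fi
    echo "$key=$cur LOW (want >= $want)"; return 1
}

# count_syn_flood [FILE]: print "PORT COUNT" for each port named in the
# kernel's SYN flooding warnings (reads stdin when no file is given).
count_syn_flood() {
    sed -n 's/.*[Pp]ossible SYN flooding on port \([0-9][0-9]*\)\..*/\1/p' "$@" |
        sort -n | uniq -c | awk '{print $2, $1}'
}

# Sample input: the three lines from the post plus one constructed line (port 443).
sample_log() {
    cat <<'EOF'
Mar 12 10:56:13 ginny kernel: possible SYN flooding on port 80. Sending cookies.
Mar 12 11:44:34 ginny kernel: possible SYN flooding on port 80. Sending cookies.
Mar 12 11:51:59 ginny kernel: possible SYN flooding on port 80. Sending cookies.
Mar 12 11:52:03 ginny kernel: possible SYN flooding on port 443. Sending cookies.
EOF
}

# Stand-alone run: live values against the targets from step 2, then the
# warnings in the log given as $1 (or in the sample when no file is given).
for k in net.ipv4.tcp_max_syn_backlog net.core.somaxconn; do
    check_sysctl "$k" 4096 || echo "  -> check /etc/sysctl.conf, then run sysctl -p"
done
if [ -n "${1:-}" ]; then count_syn_flood "$1"; else sample_log | count_syn_flood; fi
```

Run it with /var/log/messages as the argument to count the warnings on the real host.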