Re: multinet - syn flood



mckinneyj@xxxxxxxx wrote:
rejoc wrote:
Multinet V4.4 A-X, VMS AXP 7.3-2

Suppose there are clients, trying to connect to the VMS/multinet system
by initiating a socket connection with a SYN but not going further.
On the VMS side, we can see these sockets in a SYN_RCVD state.

As far as I understand, as soon as there are as many such sockets as
"backlog", no more connections can be set up on that particular IP port.
Correct ?
The process listening on the port is not declared through the multinet
conf/serv mechanisms but the process starts at boot time and declares
itself to multinet and listens to a particular port. How can I increase
the backlog parameter in this case ? (I have no access to the sources)

What is the value of the timeout for sockets in the SYN_RCVD state. Can
it be changed (lowered) ?

By default, connections in a SYN_RCVD state will time out after 75
seconds. This value is defined by the kernel parameter TCP_CONNINIT.

$ mu set/kernel TCP_CONNINIT
Parameter tcp_conninit (0x86DE4B50), Value = 150

The parameter is global and affects both incoming and outgoing
connections (so be careful if you choose to lower it as you may find
that you have problems establishing some wanted connections). The value
is in half-second units. You may change it as follows.

$ mu set/kernel TCP_CONNINIT 120
Parameter tcp_conninit (0x86DE4B50), Old Value = 150, New Value = 120

BACKLOG is not a global parameter. It is established for each
individual service. You don't say exactly how the listener is
configured - if it is a service defined via MultiNet's SERVER-CONFIG
utility you can increase the backlog simply by

$ mu conf/serv
SERVER-CONFIG> select YOUR-SERVER
SERVER-CONFIG> set backlog NNN
SERVER-CONFIG> exit

and restart either the MULTINET_SERVER or your server if it is
permanently resident.

You might also want to consider the value of the MultiNet kernel
variable SOMAXCONN. It controls the number of concurrent permissible
connections in an embryonic state on a per port basis.

If you're not using the MULTINET_SERVER to field your connection
requests then you would have to control backlog and max connections in
your server application's code.

As I have no access to the code and the server is not defined via multinet server-config, I'll change the value of somaxconn.

Regarding embryonic state of the connections, is the "embryonic TCP connections dropped" counter incremented only when a SYN_RCVD connection times out ?


Thanks for your help.
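
An added example, not part of the original posts: a small monitor that counts SYN_RCVD sockets per local port from a connection listing and flags ports close to their backlog, with the TCP_CONNINIT half-second conversion from the thread. The sample lines are constructed in a generic BSD-style netstat layout (not captured MultiNet output), and the per-port backlog values are assumed to be known to the operator.

```python
import re
from collections import Counter

# Constructed sample in a generic BSD-style netstat layout (proto, recv-q,
# send-q, local, foreign, state). Not captured MultiNet output; adjust
# LINE_RE to whatever your connection listing actually prints.
SAMPLE = """\
tcp 0 0 192.0.2.10.5000 198.51.100.7.40112 SYN_RCVD
tcp 0 0 192.0.2.10.5000 198.51.100.7.40113 SYN_RCVD
tcp 0 0 192.0.2.10.5000 198.51.100.9.51200 SYN_RCVD
tcp 0 0 192.0.2.10.5000 203.0.113.4.33001 SYN_RCVD
tcp 0 0 192.0.2.10.5000 203.0.113.5.1042 ESTABLISHED
tcp 0 0 192.0.2.10.23 203.0.113.8.2210 SYN_RCVD
tcp 0 0 *.5000 *.* LISTEN
"""

# Local address is "host.port"; the port is the digits after the last dot.
LINE_RE = re.compile(r"^tcp\S*\s+\d+\s+\d+\s+\S+\.(\d+)\s+\S+\s+(\S+)\s*$")

def half_open_by_port(text):
    """Count sockets in SYN_RCVD per local port."""
    counts = Counter()
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and m.group(2) == "SYN_RCVD":
            counts[int(m.group(1))] += 1
    return counts

def conninit_seconds(value):
    """TCP_CONNINIT is in half-second units (150 -> 75 s)."""
    return value / 2

def ports_near_backlog(text, backlogs, ratio=0.8):
    """Return [(port, half_open, backlog)] where half_open >= ratio * backlog.
    backlogs maps port -> configured backlog (assumed operator knowledge)."""
    hits = []
    for port, n in sorted(half_open_by_port(text).items()):
        limit = backlogs.get(port)
        if limit and n >= ratio * limit:
            hits.append((port, n, limit))
    return hits

if __name__ == "__main__":
    for port, n, limit in ports_near_backlog(SAMPLE, {5000: 5, 23: 16}):
        print(f"port {port}: {n}/{limit} half-open, each held up to "
              f"{conninit_seconds(150):.0f}s")
```

Run periodically, a per-port count that stays near the backlog for longer than the TCP_CONNINIT interval points to connections that are being abandoned after the SYN rather than a short burst of legitimate clients.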