Welcome! Log In Create A New Profile

Advanced

TCPv6: Possible SYN flooding on port 80. Sending cookies.

Posted by omkar_jadhav_20 
TCPv6: Possible SYN flooding on port 80. Sending cookies.
September 28, 2016 06:34AM
Hi,
I am using nginx with version 1.4.0. Getting error as : TCPv6: Possible SYN flooding on port 80. Sending cookies.
It is serving media traffic and whenever number of incoming connections crosses 7K. file size served is about 1.5Mb.
below are few details for reference :

part of nginx conf :
worker_processes auto;
events {
worker_connections 4096;
use epoll;
multi_accept on;
}
worker_rlimit_nofile 100001;

http {
include mime.types;
default_type video/mp4;
proxy_buffering on;
proxy_buffer_size 4096k;
proxy_buffers 5 4096k;
sendfile on;
keepalive_timeout 30;
tcp_nodelay on;
tcp_nopush on;
reset_timedout_connection on;
gzip off;
server_tokens off;


sysctl parameters are :
net.core.somaxconn=65535
net.ipv4.tcp_tw_recycle = 0 # purpsely set to 1 as NATed client were facing issue.
net.ipv4.tcp_syncookies = 1
net.core.netdev_max_backlog = 250000
net.ipv4.tcp_max_syn_backlog = 4096
net.core.rmem_max = 134217728
net.core.wmem_max = 134217728
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.core.netdev_max_backlog = 250000
net.ipv4.tcp_congestion_control = htcp
net.ipv4.tcp_mtu_probing = 1
net.ipv4.ip_local_port_range = 4096 65535
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 10

server used : CentOS release 6.5 (Final)

# cat /proc/meminfo
MemTotal: 1588152040 kB

# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 60

-----------------

Also we are using haproxy as load balancer and requests loads are eqally distributed on servers but we can see one of the user facing servers is taking more load due to more number of io writes. all servers are of cent os and are on same kernel level.
Re: TCPv6: Possible SYN flooding on port 80. Sending cookies.
October 19, 2016 04:50AM
can someone please suggest any solution..
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 109
Record Number of Users: 8 on December 15, 2016
Record Number of Guests: 386 on August 02, 2016
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready