Ola amigos, procurei na lista e n encontrei muita coisa sobre syn flood, e estou tendo um sério problema em meu servidor squid, quando ele aumenta o numero de conexões da umas travadas no servidor chegando ate parar em alguns minutos, verifiquei e esta dando em meus logs varios syn flooding, e é nestes momentos q ele para. Já fiz algumas alterações no sysctl, e no squid mas mesmo assim continuo com o problema de syn flood, existe alguma forma de eu aumentar o numero de conexões no meu servidor ?
as configurações de tunning no squid que estou fazendo são essas abaixo. # Aumente o numero de descritores ulimit -HSn 8192 && squid -DY ulimit -HSn 8192 # # Aumentando o numero de descritores global # Adicionar no /etc/sysctl.conf sysctl -w fs.file-max=819200 # # Aumentando o numero de portas locais disponiveis na pilha TCP/IP # Adicionar no /etc/sysctl.cinf sysctl -w net.ipv4.ip_local_port_range="1024 65000" # # Aumento da fila de log do squid chamado de backlog sysctl -w net.ipv4.tcp_max_syn_backlog=4096 minha maquina é um model name : Intel(R) Core(TM)2 CPU E7400 @ 2.80GHz com 4G de memoria meu squidclient esta dando esse resultado proxy:~/servidor_quid# squidclient mgr:info HTTP/1.0 200 OK Server: squid Date: Thu, 20 Aug 2009 17:18:59 GMT Content-Type: text/plain Expires: Thu, 20 Aug 2009 17:18:59 GMT X-Cache: MISS from proxy.faarnet.com.br X-Cache-Lookup: MISS from proxy.faarnet.com.br:3128 Via: 1.0 proxy.faarnet.com.br:3128 (squid) Connection: close Squid Object Cache: Version 2.7.STABLE3 Start Time: Thu, 20 Aug 2009 16:03:16 GMT Current Time: Thu, 20 Aug 2009 17:18:59 GMT Connection information for squid: Number of clients accessing cache: 7 Number of HTTP requests received: 549120 Number of ICP messages received: 0 Number of ICP messages sent: 0 Number of queued ICP replies: 0 Number of HTCP messages received: 0 Number of HTCP messages sent: 0 Request failure ratio: 0.00 Average HTTP requests per minute since start: 7251.8 Average ICP messages per minute since start: 0.0 Select loop called: 6489367 times, 0.700 ms avg Cache information for squid: Request Hit Ratios: 5min: 33.0%, 60min: 31.7% Byte Hit Ratios: 5min: 18.3%, 60min: 17.2% Request Memory Hit Ratios: 5min: 12.2%, 60min: 11.5% Request Disk Hit Ratios: 5min: 47.9%, 60min: 52.9% Storage Swap size: 32463656 KB Storage Mem size: 614612 KB Mean Object Size: 20.59 KB Requests given to unlinkd: 0 Median Service Times (seconds) 5 min 60 min: HTTP Requests (All): 0.37825 0.28853 Cache Misses: 0.49576 0.46965 Cache Hits: 0.00179 0.01164 Near Hits: 0.32154 0.30459 Not-Modified Replies: 0.00000 0.00000 DNS Lookups: 0.20377 0.20377 ICP Queries: 0.00000 0.00000 Resource usage for squid: UP Time: 4543.285 seconds CPU Time: 320.616 seconds CPU Usage: 7.06% CPU Usage, 5 minute avg: 7.14% CPU Usage, 60 minute avg: 7.12% Process Data Segment Size via sbrk(): 982568 KB Maximum Resident Size: 0 KB Page faults with physical i/o: 0 Memory usage for squid via mallinfo(): Total space in arena: 982568 KB Ordinary blocks: 982493 KB 876 blks Small blocks: 0 KB 0 blks Holding blocks: 21212 KB 7 blks Free Small blocks: 0 KB Free Ordinary blocks: 74 KB Total in use: 1003705 KB 100% Total free: 74 KB 0% Total size: 1003780 KB Memory accounted for: Total accounted: 857056 KB memPoolAlloc calls: 74064727 memPoolFree calls: 69521899 File descriptor usage for squid: Maximum number of file descriptors: 8192 Largest file desc currently in use: 1104 Number of file desc currently in use: 1004 Files queued for open: 0 Available number of file descriptors: 7188 Reserved number of file descriptors: 100 Store Disk files open: 112 IO loop method: epoll Internal Data Structures: 1578726 StoreEntries 59620 StoreEntries with MemObjects 59174 Hot Object Cache Items 1576685 on-disk objects qualquer sugestão será muito bem vinda -- _____________________________________ Tiago Matias LinuxAp - Router & Wireless Tel.: 55+69+3535+3583 www.linuxap.com.br email/msn: tiagomat...@linuxap.com.br Serviços: *Linux *Mikrotik *Wireless _____________________________________ LINUXAP SUPER ROUTER WIRELESS