On 01/23/2013 02:47 AM, Leandro Lucarella wrote:
Thanks for the info. I'm definitely dropping SYNs and sending cookies, around 50/s. Is there any way to tell how many connections are queued in a particular socket?
I am not familiar with one. Doesn't mean there isn't one, only that I am not able to think of it.
Then if syncookies are enabled, the time spent in connect() shouldn't be bigger than 3 seconds even if SYNs are being "dropped" by listen, right?
Do you mean if "ESTABLISHED" connections are dropped because the listen queue is full? I don't think I would put that as "SYNs being dropped by listen" - too easy to confuse that with an actual dropping of a SYN segment.
But yes, I would not expect a connect() call to remain incomplete for any longer than it took to receive an SYN|ACK from the other end. That would be 3 (,9, 21, etc...) seconds on a kernel with 3 seconds as the initial retransmission timeout.
rick -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/