Hi All, I am using Apache 2.2 with mpm model as worker in RedHat 3.0. When I do a dmesg from the command prompt I get lot of the below message
possible SYN flooding on port 84. Sending cookies. possible SYN flooding on port 82. Sending cookies. possible SYN flooding on port 81. Sending cookies. possible SYN flooding on port 84. Sending cookies. Those are the listening the ports of the Apache.I am having 4 different instances are running.When I do a netstat of lsof on a particular port I see SYN_RCV is taking 50 % of the connections, which may have caused the kernel to throw the "SYN_FLOOD_ATTACK", correct me if I am wrong. I have the following configuration net.ipv4.tcp_max_syn_backlog = 1024 and net.ipv4.tcp_syncookies = 1 and net.ipv4.tcp_keepalive_time = 7200 So what would be the workaround for the above scenario, and what is the main issue it is causing the above behavior.Any help would be very much appreciated. Thanks in advance Regards Arnab