Litespeed backlog queue full..

Discussion in 'Install/Configuration' started by seyit, Dec 27, 2011.

  1. seyit

    seyit New Member

    Hi,

    I'm just trying to find out how LiteSpeed behaves while under a DDoS attack.
    I set up Ubuntu with kernel 3.0 and also configured the DDoS params on LiteSpeed.
    I just tried an HTTP flood and it goes fine. But I got 1 problem.

    While I try SYN flooding, the server is stuck.
    The backlog queue is full and the 3-way handshake is filled up.

    Here you see what happens.
    root@litespeed:/etc# netstat -n -p TCP |grep SYN_RECV | wc -l
    256

    The question is: how can I increase the backlog queue? Because on Linux it's only 256 connections by default. I want to increase this. Does anyone know how? Or is there any configuration that I missed on LiteSpeed?

    Thanks.
  2. mistwang

    mistwang LiteSpeed Staff

    You should increase /proc/sys/net/core/somaxconn, and /proc/sys/net/ipv4/tcp_max_syn_backlog
  3. seyit

    seyit New Member

    Nothing changes. I tried it. I also tried other things.

    Here you see it when under attack:

    root@litespeed:~# cat /proc/sys/net/core/somaxconn
    512
    root@litespeed:~# cat /proc/sys/net/ipv4/tcp_max_syn_backlog
    100000
    root@litespeed:~# netstat -n -p TCP | grep SYN_RECV |wc -l
    256
    root@litespeed:~#

    The server is still stuck. I didn't increase the backlog queue with those params.

    What more can I do?
  4. seyit

    seyit New Member

    Is there any configuration I need to change in LiteSpeed?
    I'm testing LiteSpeed on Ubuntu with kernel 3.0.
  5. mistwang

    mistwang LiteSpeed Staff

    You should enable tcp_syncookies in order to make tcp_max_syn_backlog effective.
    It should not be set too high.
  6. seyit

    seyit New Member

    I also changed all those things, because it still can't be increased.

    net.ipv4.ip_forward = 0
    net.ipv4.conf.default.rp_filter = 1
    net.ipv4.conf.default.accept_source_route = 0
    kernel.sysrq = 0
    kernel.core_uses_pid = 1
    net.ipv4.tcp_syncookies = 1
    net.ipv4.tcp_synack_retries = 2
    net.ipv4.conf.all.send_redirects = 0
    net.ipv4.conf.default.send_redirects = 0
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.all.accept_redirects = 0
    net.ipv4.conf.all.secure_redirects = 0
    net.ipv4.conf.all.log_martians = 1
    net.ipv4.conf.default.accept_source_route = 0
    net.ipv4.conf.default.accept_redirects = 0
    net.ipv4.conf.default.secure_redirects = 0
    net.ipv4.icmp_echo_ignore_broadcasts = 1
    net.ipv4.tcp_syncookies = 1
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.default.rp_filter = 1
    net.ipv6.conf.default.router_solicitations = 0
    net.ipv6.conf.default.accept_ra_rtr_pref = 0
    net.ipv6.conf.default.accept_ra_pinfo = 0
    net.ipv6.conf.default.accept_ra_defrtr = 0
    net.ipv6.conf.default.autoconf = 0
    net.ipv6.conf.default.dad_transmits = 0
    net.ipv6.conf.default.max_addresses = 1
    net.core.optmem_max = 40960
    kernel.exec-shield = 1
    kernel.randomize_va_space = 1
    net.ipv4.tcp_rmem = 4096 87380 8388608
    net.ipv4.tcp_wmem = 4096 87380 8388608
    net.core.rmem_max = 8388608
    net.core.wmem_max = 8388608
    net.core.netdev_max_backlog = 5000
    net.ipv4.tcp_window_scaling = 1
    fs.file-max = 65535
    kernel.pid_max = 65536
    net.ipv4.ip_local_port_range = 2000 65000

    Still 256 connections. How can I increase this backlog queue?
    I tried on Ubuntu with kernel 3.0 and CentOS with 2.6, still the same problem. I can't increase the backlog queue.
  7. webizen

    webizen New Member

    Please paste the result of the following.
  8. seyit

    seyit New Member

    error: permission denied on key 'vm.compact_memory'
    error: permission denied on key 'net.ipv4.route.flush'
    net.ipv4.tcp_max_syn_backlog = 2048
    error: permission denied on key 'net.ipv6.route.flush'
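
A check related to the advice in this thread, as an added example that is not part of any post: the kernel caps the backlog a server passes to listen() at somaxconn at the moment the socket starts listening, and the half-open (SYN_RECV) limit is derived from that backlog, so raising the sysctl does nothing for a listener that is already running or that requests a smaller value. The script reads `ss -ltn` output and flags such listeners; the sample output and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. The sample data below is constructed.

# audit_listeners SOMAXCONN   (reads `ss -ltn` output on stdin)
# For LISTEN sockets, ss shows the current accept-queue length in Recv-Q and
# the backlog the kernel actually applied to the socket in Send-Q.
audit_listeners() {
    awk -v max="$1" '
        $1 == "LISTEN" {
            queued = $2 + 0; backlog = $3 + 0; status = "ok"
            # Backlog below somaxconn: the server requested less, or called
            # listen() before the sysctl was raised and needs a restart.
            if (backlog < max + 0) status = "below-somaxconn"
            # Accept queue at or over its limit: handshakes cannot complete.
            if (queued >= backlog) status = "accept-queue-full"
            printf "%s backlog=%d queued=%d %s\n", $4, backlog, queued, status
        }'
}

# Constructed `ss -ltn` output: port 80 has a backlog of 128 and is saturated,
# port 8088 has the same small backlog but is idle, and port 443 was started
# after somaxconn was set to 512.
sample_ss() {
    cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  129     128     0.0.0.0:80          0.0.0.0:*
LISTEN  0       128     0.0.0.0:8088        0.0.0.0:*
LISTEN  0       512     0.0.0.0:443         0.0.0.0:*
EOF
}

sample_ss | audit_listeners 512

# On a live host (assumes iproute2's ss is installed):
#   ss -ltn | audit_listeners "$(cat /proc/sys/net/core/somaxconn)"
```

A listener reported as below-somaxconn keeps its old limit until the server process is restarted or its own backlog setting is raised.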
