lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 Aug 2017 14:35:40 +0530
From:   Akshat Kakkar <akshat.1984@...il.com>
To:     Eric Dumazet <eric.dumazet@...il.com>
Cc:     netdev <netdev@...r.kernel.org>
Subject: Re: Something hitting my total number of connections to the server

On Wed, Aug 16, 2017 at 4:04 PM, Eric Dumazet <eric.dumazet@...il.com> wrote:
> On Wed, 2017-08-16 at 10:18 +0530, Akshat Kakkar wrote:
>> On Mon, Aug 14, 2017 at 2:37 PM, Akshat Kakkar <akshat.1984@...il.com> wrote:
>> > I have centos 7.3 (Kernel 3.10) running on a server with 128GB RAM and
>> > 2 x 10 Core Xeon Processor.
>> > I have hosted a webserver on it and enabled ssh for remote maintenance.
>> > Previously it was running on Centos 6.3.
>> > After upgrading to CentOS 7.3, occasionally (probably when number of
>> > hits are more on the server), I am not able to create new connections
>> > (neither on web nor on ssh). Existing connections keeps on running
>> > fine.
>> >
>> > I did packet capturing using tcpdump to understand if its some
>> > intermediate network issue.
>> > What I found was the server is not replying for new SYN requests.
>> >
>> > So it's clear that its not at all application issue. Also, there are
>> > no logs in applications logs for any connections dropped, if any.
>> >
>> > I check my firewall rules if there is some rate limiting imposed.
>> > There is nothing in there.
>> >
>> > I check tc, if by mistake some rate limiting is imposed. There is
>> > nothing in there too.
>> >
>> > I have increased noOfFiles to 1000000 and other sysctl parameters, but
>> > the issue is still there.
>> >
>> > Has anybody experienced the same?
>> >
>> > How to go about? Anybody ... Please Help!!!
>>
>> Its getting lonely out here. Anybody there ???
>
> We wont help you unless you use a recent kernel.
>
> 3.10 misses all recent improvements in TCP stack (4 years of hard work)
>
>
>
>
>

I upgraded to 4.4 but still experiencing same issue.
Please help.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ