On Mon, 20 Jan 1997, James R Grinter wrote:
> >> However, I don't really have a clue as to what a sensible setting
> >> for a small system should be. The 5 was copied from smail.
> >
> >My understanding is that even on a busy system, a setting of 1 (or is that 0)
> >should be sufficient if all is going well.
> >SYS_RECV's tend to imply that there is a network problem, or you are under
> >attack!
>
> (that's SYN_RCVD)
>
> A busy system can require a large number, as it must have a large
> enough backlog queue for the number of SYN+ACKs that are in transit
> from the server back to the client, along with space for incoming
> SYN requests from new clients attempting connections. (You can of
> course work out the optimal number, from the number of connections
> per second and the typical rtts to clients.)

If you don't want to be vulnerable to SYN floods, then I'd suggest making
it about 4k, if the OS supports it. Otherwise, I've found that even with
chatty protocols like HTTP on one of probably the top 10 sites in the world,
512 is enough for normal traffic. SMTP should be happy with 64 or less.
If at all possible, this should be admin configurable, so that paranoid
folk can bump it up to hell and back, for when the kiddies get out their
SYN flooders (or before :) ).

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
proberts@??? which may have no basis whatsoever in fact."
PSB#9280
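
An added example, not part of the original thread: a small model of the SYN_RCVD backlog queue that carries the "connections per second times RTT" sizing from the quoted message through to the flood case raised in the reply. All rates, the 200 ms RTT, the 75 s half-open timeout and the function names are constructed assumptions.

```python
import heapq

def littles_law_backlog(conn_per_sec, rtt_ms):
    """Steady-state half-open entries: arrival rate x time each one stays queued."""
    return conn_per_sec * rtt_ms // 1000

def dropped_legit(backlog, legit_rate, rtt_ms, flood_rate=0,
                  syn_timeout_ms=75_000, duration_ms=100_000):
    """Count legitimate SYNs refused because the SYN_RCVD queue was full.

    Times are integer milliseconds; rates are per second and must divide 1000.
    Legitimate entries leave after one RTT (the client's ACK arrives); flood
    entries are never ACKed and leave only when syn_timeout_ms (assumed) expires.
    """
    arrivals = [(t, True) for t in range(0, duration_ms, 1000 // legit_rate)]
    if flood_rate:
        arrivals += [(t, False) for t in range(0, duration_ms, 1000 // flood_rate)]
    arrivals.sort()
    half_open = []  # min-heap of the times at which entries leave the queue
    dropped = 0
    for t, legit in arrivals:
        # Retire entries that were ACKed or timed out before this SYN arrived.
        while half_open and half_open[0] <= t:
            heapq.heappop(half_open)
        if len(half_open) >= backlog:
            dropped += legit  # only legitimate losses are counted
            continue
        heapq.heappush(half_open, t + (rtt_ms if legit else syn_timeout_ms))
    return dropped

if __name__ == "__main__":
    # Constructed workload: 100 legitimate connections/s at 200 ms RTT,
    # with and without 50 never-completed SYNs/s on top.
    print("Little's law backlog:", littles_law_backlog(100, 200))
    for size in (5, 64, 512, 4096):
        print(size, dropped_legit(size, 100, 200),
              dropped_legit(size, 100, 200, flood_rate=50))
```

In this model the normal-traffic requirement depends only on rate and RTT, while the requirement under flood is dominated by flood rate times the half-open timeout, which is why the two recommended sizes in the thread differ by orders of magnitude.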