Re: Too many sockets in SYN_RECV
On 12/07/2011 06:30 PM, Marek Podmaka wrote:
> Or the other way - why the
> kernel can't handle the new connections without syncookies?
Let me try again, with that way.
Without syncookies, you get resource exhaustion. Not necessarily
memory, but just internal kernel resources.
Without having a look into the kernel code, I'd picture in my mind an
internal table with TCP connections that have received a SYN, but not
yet an ACK, or something similar. And there's a limit that you could
reach. Past that limit, the kernel would start ignoring SYN packets,
and you can't connect anymore.
I hope this (way shorter) version of the explanation is clearer.
It'd be cool to have someone with more internal Linux kernel know-how
correct me with more accurate facts: I only know the TCP
protocol theory, not the implementation in Linux itself, and I never
wrote a TCP/IP stack myself...
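
An added example, not part of the original message or thread: a check that counts sockets in SYN_RECV per local port from text in /proc/net/tcp layout and flags ports whose count approaches a limit supplied by the caller. The sample lines are constructed, and the limit and the 75% ratio are assumptions (on a live host the limit could be taken from net.ipv4.tcp_max_syn_backlog).

```python
import sys
from collections import Counter

SYN_RECV = "03"  # hex state code for SYN_RECV in the "st" column

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0A00000A:0050 0B00000A:C350 03 00000000:00000000 01:00000064 00000001     0        0 0 0
   2: 0A00000A:0050 0C00000A:C351 03 00000000:00000000 01:00000064 00000002     0        0 0 0
   3: 0A00000A:0050 0D00000A:C352 03 00000000:00000000 01:00000064 00000001     0        0 0 0
   4: 0A00000A:0016 0E00000A:D431 01 00000000:00000000 00:00000000 00000000     0        0 1002 1
   5: 0A00000A:01BB 0F00000A:E000 03 00000000:00000000 01:00000064 00000001     0        0 0 0
"""


def syn_recv_by_port(proc_net_tcp: str) -> Counter:
    """Count half-open (SYN_RECV) sockets per local port."""
    counts = Counter()
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != SYN_RECV:
            continue
        # local_address is HEXIP:HEXPORT; the port is plain big-endian hex.
        port = int(fields[1].rsplit(":", 1)[1], 16)
        counts[port] += 1
    return counts


def ports_near_limit(counts, backlog_limit, ratio=0.75):
    """Return ports whose SYN_RECV count is at least ratio * backlog_limit.

    backlog_limit and ratio are assumptions chosen by the caller.
    """
    threshold = backlog_limit * ratio
    return sorted(p for p, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    # Pass a path such as /proc/net/tcp to inspect a live host.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            text = fh.read()
    else:
        text = SAMPLE
    counts = syn_recv_by_port(text)
    for port, n in sorted(counts.items()):
        print(f"port {port}: {n} in SYN_RECV")
    print("near limit (limit=4):", ports_near_limit(counts, backlog_limit=4))
```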