hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : A lot of SYN_RECV connections
Reply

Forum Jump

A lot of SYN_RECV connections

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 04-08-2010, 09:45 AM
supiiik supiiik is offline
Junior Guru Wannabe
 
Join Date: Jul 2009
Posts: 40

A lot of SYN_RECV connections


I'm running webserver on centos5.4 with new 2.6.33.1 kernel. My problem is a lot of apache processes with "..reading.." request (10-15% requests are in ..reading.. status). I think, that problem are TCP connections in SYN_RECV status:
netstat -na | wc -l : 19000
netstat -na | grep SYN_RECV | wc -l : 180
There is always around 0,5-1% connections in SYN_RECV and I'm sure, that it's not DoS/DDoS attack! Could it be problem of new kernel? Or network problem?
Server is very fast and apache handle almost all request very fast but sometime it takes around 10s to handle request (process in ..reading.. state), it's clearly random, not only one IP or group of IPs. Could it problem of any limit in linux?
Server: i7 920, 24GB RAM, 100mbps

Sorry for my bad english...



Sponsored Links
  #2  
Old 04-08-2010, 09:50 AM
UNIXy UNIXy is offline
Warp Speed!
 
Join Date: Feb 2008
Location: Houston, Texas, USA
Posts: 2,837
The SYN_RECV count seems to be reasonable considering the number of active connections on your server. Try to strace the apache process that's doing this and see where it is at.

Regards
Joe / UNIXY

__________________
|- UNIXY :: Fully Managed Servers and Clusters Since 2006
|- DC POP :: Houston, Los Angeles, Atlanta, & Rotterdam NL
|- Managed Magento Varnish Servers w/ ESI. < 250ms Page Load / TTFB
L- We LOVE helping our clients!

  #3  
Old 04-08-2010, 10:12 AM
supiiik supiiik is offline
Junior Guru Wannabe
 
Join Date: Jul 2009
Posts: 40
10 days ago I've move my web site to the new datacenter and new server and since this time it is happening. Before there was usually around 20 connections in SYN_RECV.

It's very hard to catch (strace) problematic apache process, because there are many processes and while I write strace command, process finish problematic request and continue correctly

WCC.RW_.C.R_CC_WWCCW_RCCCWC_WC_CC._WR_W_C__WWW_CR_C_W_RRCW_RRRRW
WCWC_WCW_C_WC_WW_WCCCC_WCW__CC_CCRC__CW__WC_CWCWW_WCC_W_CCRCRCCC
CWCW___CRC_W_C.W_WW__CWRC_W....W.R.R.C_RW_W......W.._..._.W..WWR
..W.RR._.RR_..WC.W._CRWCC__C._C_._C.C_W.W..RCCWC..W.RW.CC_WW.R..
...............W................................................
................................................................
................................................................
................................................................

Sponsored Links
  #4  
Old 04-08-2010, 12:44 PM
rickb12 rickb12 is offline
Web Hosting Evangelist
 
Join Date: Apr 2003
Posts: 454
I recommend installing CSF Firewall (http://configserver.com/cp/csf.html) and enabling connection tracking. This might work as a stopgap for when you're not in front of a terminal.

  #5  
Old 04-08-2010, 01:22 PM
supiiik supiiik is offline
Junior Guru Wannabe
 
Join Date: Jul 2009
Posts: 40
Quote:
Originally Posted by ReadyRick View Post
I recommend installing CSF Firewall (http://configserver.com/cp/csf.html) and enabling connection tracking. This might work as a stopgap for when you're not in front of a terminal.
I have CSF already installed, but I have not a problem with unwanted connections, server is not under attack. I'd like to speed up connections, which are in SYN_RECV state. These connections are in this state for a long time (avg 10s) and it is slowing down some request on the web server. Or maybe the problem is doing apache (v2.2.15), I don't know

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
A lot of connections from 127.0.0.1 myk8022 Hosting Security and Technology 12 03-11-2013 05:07 AM
100's of SYN_RECV connections? henningl Hosting Security and Technology 3 02-01-2010 12:32 AM
Multiple SYN_RECV connections to HTTP d-lexy Hosting Security and Technology 2 01-06-2004 06:11 AM
$$$ Do YOU have connections, and want to earn a lot of money? $$$ EasyWebSol Employment / Job Offers 0 08-05-2003 07:42 PM
RAM SYSLOAD problems with a lot of HTTP connections! ZYE Dedicated Server 0 01-26-2002 07:43 AM

Related posts from TheWhir.com
Title Type Date Posted
Swarmify's New Approach to Content Delivery Uses Site Visitors to Accelerate Content Web Hosting News 2014-05-01 08:34:03
Microsoft Launches ExpressRoute to Provide Fast and Secure Hybrid Cloud Connections Web Hosting News 2014-02-21 13:20:00
Linode Updates Cloud-Based Load Balancer Service with SSL Support Web Hosting News 2013-11-08 11:50:09
Google Cloud Provides Support For Native MySQL Connections Web Hosting News 2013-11-01 14:36:06
Cologix Expands Standard Connections Product to All Carrier Hotel Data Centers Web Hosting News 2013-01-15 11:25:06


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?