|
Hi there,
maybe anyone of you can help me. I got some Problem protecting my VS
from
SYN - flood attacks. Somehow the drop_entry mechanism seems not to work.
Doing a SYN-Flood with 3 clients to my VS ( 1 director + 3 RS ) the
System
get´s unreachable. -> a single Server (one of my RS) "DoSed" by those
clients
stays alive.
Set-up:
all RS have tcp_syncookies enabled (1) the tcp_max_syn_backlog is set to
128
after booting the director is set drop_entry var to 1 (echo 1 >
drop_entry)
(I have to do this all the time I reboot the director => is the
drop_entry var
not stored somehow ?)
before compiling the Kernel I set the table size to 2^20 my Director has
256 MB of
memory and no other applications are running so that should be o.k.
did I miss anything ?
I'm using ip tunneling and lc scheduling if this is important
I`m thankfull for any help I can get
Joern
|
