[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] stunnel fails and emits SYN flooding messages

Subject: [ale] stunnel fails and emits SYN flooding messages
From: ametts2 at mindspring.com (Allan Metts)
Date: Tue, 9 Feb 2010 11:51:52 -0500 (GMT-05:00)

We're experiencing intermittent failures with our servers running stunnel on Amazon EC2.  When the failure occurs, stunnel continues attempts to authenticate the certificate, but no longer allows connections.

A review of /var/log/messages shows the following messages once each minute, beginning at the time of failure (these message occur less frequently at other times as well):

  kernel: possible SYN flooding on port 443. Sending cookies.

Also notable is the fact that stunnel seems to be consuming most of the system memory at this point (over 2GB, 78%).  Sockstat shows several thousand activate connections (which is in-line with our typical usage), but does not seem to be showing any that are stranded.

Can anyone suggest what might be happening?  Any recommended remedies?

Thanks in advance,
Allan

Follow-Ups:
- [ale] stunnel fails and emits SYN flooding messages
  - From: mhw at WittsEnd.com (Michael H. Warfield)

Prev by Date: [ale] Q: cron.daily in ubuntu-9.04
Next by Date: [ale] VLM & LUKS
Previous by thread: [ale] Q: cron.daily in ubuntu-9.04
Next by thread: [ale] stunnel fails and emits SYN flooding messages
Index(es):
- Date
- Thread