Thursday, June 17, 2010

The tcp max orphans variable ...


$ cat /proc/sys/net/ipv4/tcp_max_orphans
8192
$



tcp_max_orphans

The tcp_max_orphans variable tells the kernel how many TCP sockets that
are not attached to any user file handle it should maintain. If this number is
exceeded, orphaned connections are immediately reset and a warning is printed.


The only reason for this limit to exist is to prevent some simple DoS attacks.
Generally you should not rely on this limit, nor should you lower it artificially.
If need be, you should instead increase this limit if your network environment
requires such an update. Increasing this limit may require that you get more
memory installed to your system. If you hit this limit, you may also tune your
network services a little bit to linger and kill sockets in this state more aggressively.

This variable takes an integer value and is by default set to 8192, but heavily depends
upon how much memory you have. Each orphan that currently lives eats up 64Kb of unswappable
memory, which means that one hell of a lot of data will be used up if problems arise.

Copyright © 2002 by Oskar Andreasson GNU FDL
source : http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/tcpvariables.html
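
To see how close a host is to the limit described above, the orphan count the kernel reports in /proc/net/sockstat can be compared with tcp_max_orphans. The script below is an added example, not part of the quoted tutorial or of reborn.sh; the function names, the 80% warning threshold and the sample sockstat text are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: how close is this host to tcp_max_orphans?

# Constructed sample in /proc/net/sockstat format (not captured from a real host).
SAMPLE_SOCKSTAT='sockets: used 9000
TCP: inuse 120 orphan 7000 tw 300 alloc 7500 mem 4100
UDP: inuse 4 mem 1'

# Read sockstat text on stdin, print the value after "orphan" on the TCP: line.
orphan_count() {
    awk '$1 == "TCP:" {
        for (i = 2; i < NF; i += 2)
            if ($i == "orphan") { print $(i + 1); exit }
    }'
}

# Worst-case unswappable memory in MB for N orphans, using the 64 KB per
# orphan figure from the text (read here as kilobytes, an assumption).
orphan_mem_mb() {
    echo $(( $1 * 64 / 1024 ))
}

# Classify COUNT ($1) against LIMIT ($2): ok, warn (at or above $3 percent,
# default 80, a hypothetical threshold), or limit (kernel resets orphans).
orphan_status() {
    if [ "$1" -ge "$2" ]; then
        echo limit
    elif [ $(( $1 * 100 )) -ge $(( $2 * ${3:-80} )) ]; then
        echo warn
    else
        echo ok
    fi
}

# One-line report for sockstat text on stdin and the limit given as $1.
orphan_report() {
    n=$(orphan_count)
    echo "orphans=$n limit=$1 status=$(orphan_status "$n" "$1") worst_case_mem=$(orphan_mem_mb "$n")MB"
}

# Demo on the constructed sample with the limit shown at the top of the post (8192).
printf '%s\n' "$SAMPLE_SOCKSTAT" | orphan_report 8192

# On a live Linux host, run the same report against the real files.
if [ -r /proc/net/sockstat ] && [ -r /proc/sys/net/ipv4/tcp_max_orphans ]; then
    orphan_report "$(cat /proc/sys/net/ipv4/tcp_max_orphans)" < /proc/net/sockstat
fi
```

A sustained "warn" or "limit" status is the point at which the tutorial's advice applies: raise the limit if memory allows, or tune the services that leave sockets orphaned.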



trunk/reborn.sh
249: net.ipv4.tcp_synack_retries = 2
250: net.ipv4.tcp_max_orphans = 262144
251: net.core.somaxconn = 262144
reborn.googlecode.com/svn - Unknown - Shell





TODO -- Research Related Content