Wednesday, January 11, 2012

Cause of "Connect reset by peer" error message using AB Tool

One more interesting finding about AB Tool (Apache Benchmarking tool) on linux.

During one of my recent runs I notices a very weird behavior. I was getting "Connection reset by peer" error message consistently when I was firing 15000 concurrent request with 90000 total number of request. I started getting successful response back when I fired 15000 concurrent request with 30000 total number of request. (i.e. ab -c 15000 -n 30000 vs. ab -c 15000 -n 90000) . I fired the 15k and 30k combination in a loop 100 times and every time I got successful result. I wanted to know why I am getting connection reset when I am firing 90K request in one process vs firing much more across multiple process.

I observed "Possible SYN flooding on port 80. Sending cookies
" error message in the redhat's kernal log(/var/log/message). Since AB tool was firing lots of request the OS considered it as threat. :0.

I disabled tcp_syncookie by firing sysctl -w net.ipv4.tcp_syncookies=0 command and was being able to fire request much more than 90K. There are other parameters which you can be modify to increase the syncookie limit and time wait limit which might be helpful incase you don't have layers of firewall protecting your server. I will try mentioning them in my next blog.

Hope it helps


No comments:

Post a Comment