* [9front] [NOTICE] TCP reset issues with internet facing devices
@ 2024-04-27 15:53 Jacob Moody
2024-04-27 16:26 ` Steve Simon
0 siblings, 1 reply; 3+ messages in thread
From: Jacob Moody @ 2024-04-27 15:53 UTC (permalink / raw)
To: 9front
All,
Recently shithub and git.9front.org has been facing some sort of tcp SYN spam.
This surfaced a bug with how we handle tcp connections in "limbo" this resulted
in us leaking "slots" so connection reset would become quite common.
We thought this was just isolated to shithub and git but others have reported
this same issue happening on their vultr virtual machines. So if you are having
some current persistent network issues it is worth taking a look.
The fix has been committed, so a sysupdate and a kernel update should stop us
falling over from the SYN spam. We've observed this fixing the issue on our
devices.
Thanks,
moody
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [9front] [NOTICE] TCP reset issues with internet facing devices
2024-04-27 15:53 [9front] [NOTICE] TCP reset issues with internet facing devices Jacob Moody
@ 2024-04-27 16:26 ` Steve Simon
2024-04-27 16:32 ` cinap_lenrek
0 siblings, 1 reply; 3+ messages in thread
From: Steve Simon @ 2024-04-27 16:26 UTC (permalink / raw)
To: 9front
intetesting.
did you track the source of the syns? i wonder if it was a dos attack or just some search engine probing?
-Steve
> On 27 Apr 2024, at 4:53 pm, Jacob Moody <moody@posixcafe.org> wrote:
>
> All,
>
> Recently shithub and git.9front.org has been facing some sort of tcp SYN spam.
> This surfaced a bug with how we handle tcp connections in "limbo" this resulted
> in us leaking "slots" so connection reset would become quite common.
>
> We thought this was just isolated to shithub and git but others have reported
> this same issue happening on their vultr virtual machines. So if you are having
> some current persistent network issues it is worth taking a look.
>
> The fix has been committed, so a sysupdate and a kernel update should stop us
> falling over from the SYN spam. We've observed this fixing the issue on our
> devices.
>
>
> Thanks,
> moody
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [9front] [NOTICE] TCP reset issues with internet facing devices
2024-04-27 16:26 ` Steve Simon
@ 2024-04-27 16:32 ` cinap_lenrek
0 siblings, 0 replies; 3+ messages in thread
From: cinap_lenrek @ 2024-04-27 16:32 UTC (permalink / raw)
To: 9front
its just constantly opening connections on https port from
multiple ip addresses from some brazilian isp.
if it where probing, you'd think they'd be satisfied with
the result once. nod doing 300+ connection attemps per
second.
--
cinap
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-04-27 16:33 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-27 15:53 [9front] [NOTICE] TCP reset issues with internet facing devices Jacob Moody
2024-04-27 16:26 ` Steve Simon
2024-04-27 16:32 ` cinap_lenrek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).