0

i am using POX controller and L2_learning Module. i have a simple topology : a single open vSwitch with 3 hosts(in mininet). one of the hosts is http server and one host is used to send 50 forged SYN packets per second to the HTTP host (by using hping3). my purpose is to syn flood the server. i also have disabled SYNCookies protection mechanism.
when i perform the attack, then i check the list of half-open connections at the server with this command : "netstat -an | grep : 80 | grep :-i syn". it only lists 16 half-open connection at the server although tcp_max_syn_backlog file in my linux is set 128. i expect to see 128 half-open connection at the server but server does list just 16 half-open connection. i have also tried to send 100 forged tcp syn packet but server again just lists 16 half-open connection . i guess it is somewhere set to 16 for mininet virtual hosts for maximum half-open connections but i do not know where. i tried to see tcp_max_syn_backlog file in my mininet virtual host (the one which is my server) but there was nothing in it's path in "/proc/sys/net/ipv4". any one know why mininet virtual hosts only accept 16 half-open connections and how it can be changed? thank you

majid67110
  • 35
  • 7
  • "file in my linux is set 128" which linux? Host or virtual machine? – SotirisTsartsaris May 24 '16 at 20:10
  • tcp_max_syn_backlog file in ubuntu is set 128 (i have installed ubuntu as a guest OS in virtual box and installed mininet and pox in ubuntu) but as i said i have created 3 hosts in mininet by "sudo mn command" and one of these hosts is my http server. i tried to find tcp_max_syn_backlog in my http server host (host that created by mininet) but found nothing. – majid67110 May 25 '16 at 05:58
  • If you `xterm h1` nd then `nano /etc/sysctl.conf` what do you have? – SotirisTsartsaris May 25 '16 at 08:13
  • its content is all commented except : net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1 net.ipv6.conf.lo.disable_ipv6=1 – majid67110 May 25 '16 at 08:38
  • Read a bit http://www.ubuntugeek.com/performance-tuning-with-system-control-sysctl-in-ubuntu.html and preferably downoload the mininet image from https://github.com/mininet/mininet/wiki/Mininet-VM-Images to run your tests. – SotirisTsartsaris May 25 '16 at 08:42

0 Answers0