Protecting from SYN floods and other asshole people.

Matthew S. Crocker matthew at
Fri Aug 31 20:58:03 BST 2001


 I have a LVS cluster up and running directing SMTP,POP3,IMAP to 3 real
servers using direct route.   The 'ipvsadm -l -c -n' command shows >2k
connections from one IP address in ESTABLISHED state.  When one times
another one gets created.  It always seems to hover around 2200
connections.   The real servs are not working too hard on it because
tcpserver is rejecting connections (I think).   Can I put an iptables
entry on the director to block the offending CLass C?  Or, does LVS happen
before the iptable stuff?


On Fri, 31 Aug 2001, Cpunk wrote:

> The web page is showing a phpsysinfo page instead of the regular content.
> Is there a "trusted" mirror somewhere?
> _______________________________________________
> mailing list - lvs-users at
> Send requests to lvs-users-request at
> or go to

Matthew S. Crocker
Vice President / Internet Division         Email: matthew at
Crocker Communications                     Phone: (413) 587-3350
PO BOX 710                                 Fax:   (413) 587-3352
Greenfield, MA 01302-0710        

More information about the lvs-users mailing list