cvs commit: src/sys/netinet tcp_subr.c tcp_timer.c tcp_timer.h
Robert Watson
rwatson at FreeBSD.org
Wed Sep 19 15:04:00 PDT 2007
On Thu, 20 Sep 2007, Abdullah Ibn Hamad Al-Marri wrote:
> Hello Robert,
>
> I still get these messages.
>
> TCP: []:65461 to []:3306 tcpflags 0x10<ACK>; syncache_expand: Segment failed
> SYNCOOKIE authentication, segment rejected (probably spoofed)
>
> This is phpmyadmin connects to remote MySQL Server 5.0
We should disable this TCP logging by default, and turn it on only when
actually debugging a visible issue, as many of the log messages reflect
perfectly legitimate (or at least common) network conditions. You can and
should ignore them for now. We should ask people to disable this debugging
only when they have symptoms of specific problems, because the rest of the
time they cause bug reports for things that aren't bugs :-). I find the
following quite useful in sysctl.conf on all my world-facing 7.x servers
because it gets rid of the noise:
net.inet.tcp.log_debug=0
Otherwise I get a near-continuous stream of garbage in syslog or the console.
Robert N M Watson
Computer Laboratory
University of Cambridge
More information about the cvs-src
mailing list