À¥ ¼¹ö¿¡ ÇÑ°è ÃÖ´ë TCP ¿¬°á
Windows XP SP2¿Í â ºñ½ºÅ¸¿¡¼´Â, ¸¹Àº »ç¿ëÀÚ´ÂÀ» ã°í ÀÖ´Ù tcpip.sys¿¡ ÀÇÇÏ¿© ±â¿öÁö´Â Àü¼¼ ¸¶Â÷ ¶Ç´Â ÀÚµ¿ patcher Àú°ÍÀº »ó°è¿¡ TCP/IP¸¦ ¹Ý ¿¬´Ù µ¿½Ã ¿¬°á ÇѰ踦 ÀÚ¹°¼è·Î ¿¬´Ù. ÀÎÅͳݿ¡ µå·¯³»´Â À¥ ¼¹ö¿¡¼´Â Çѹø¸¸ Çã¿ëµÇ´Â À¥ ¼¹ö¿¡ TCP µé¾î¿À´Â ¿¬°áÀÇ ÃÖ´ë ¼ýÀÚ¸¦ Á¦ÇÑÇÏ°í Á¦ÇÑÇÏ´Â ÇÊ¿ä°¡ ÀÖÀ»Áöµµ ¸ð¸£´Ù °÷¿¡, Á¤¹Ý´ë´Â Áø½ÇÇÒÁöµµ ¸ð¸¥´Ù.
À¥ ¼¹ö¿¡ ÃÖ´ë µé¾î¿À´Â TCP À¥ ¿¬°áÀ» Á¦ÇÑÇÏ´Â °ÍÀº ¾ÆÁ÷µµ ¸·°Å³ª ³ª¾ÆÁö°Ô À¯¿ëÇÏ´Ù, Á¤Áö DDoS (ºÐ¹èµÈ ¼ºñ½º °ÅºÎ) ¶Ç´Â DoS (¼ºñ½º °ÅºÎ) °ø°Ý. DDoS °ø°ÝÀº ½Ã½ºÅÛ ÀÚ¿ø °ÅâÇÑ ¾çÀ» ¼Ò¸ðÇÒ ¼ö ÀÖ°í CPU ÁüÀº Á¤´çÇÑ ¹æ¹®ÀÚ¿¡°Ô, À¥ ÆäÀÌÁö ¼ºù ½Ã°£ ¶Ç´Â ÀÀ´ä ½Ã°£À» °¨¼ÓÇÑ´Ù. ±×¸®°í ³ª»Û ÄÉÀ̽º¿¡¼, °ø°ÝÀº ºñ·Ï ´ç½ÅÀº ±â¾ïÀÇ ´Ù¼ö GBs¸¦ °¡Áø ÀÌÁß qual ÁßÇÙ CPU Àü¿ë ¼¹ö°¡ ÀÖ´õ¶óµµ, À¥ ¼¹ö¸¦ °É°í ¿ÏÀüÇÏ°Ô ²ø¾î³»¸± ¼ö ÀÖ´Ù.
¹æÈ£º® ¶Ç´Â µ¿±â À¯ÈÞ ¹®ÀÚ °úÀÚ »ç¿ë ÀÌ¿Ü¿¡ °ø°Ý ¼ºñ½º °ÅºÎ¿¡ ÀÀ´ä, ¸·±â À§ÇÏ¿©´Â, ¼¹ö°¡ ÃÊ´ç ¹Þ¾ÆµéÀÏ ¼ö ÀÖ´Â TCP ¿¬°áÀÇ ¼ö¸¦ Á¦ÇÑÇÏ´Â °Íµµ °¡´ÉÇÏ. °³³äÀº À¥ ÆäÀÌÁö°¡ digged, ºñƲ°Å·Á ÀÏ ¶§ ¶ÇÇÑ Àû¿ëÇØ ÀÏÁö¸ð¸¥°í ¶Ç´Â farked Á¶¾÷ ´ÜÃà °æ°£¿¡ ÀÖ´Â ´Ù·® ±¸°æ²ÛÀ» °¡Á®¿À´Â. ±×·¯³ª, ÀÌ workaround´Â »ì¾Æ³´Ù' ¿ÏÀüÇÏÁö ¾Ê°Ô ¿¬°áÀÇ ¾öû³ ±Ô¸ð¿¡ ÀÇÇؼ¸¸ ²ø¾î³»·Á ¼¹ö¸¦' ¸¸µå´Â °ÍÀ» ¿¹Á¤ÇÑ´Ù. ±×¸®°í ±ÝÁö´Â ¼¹ö¿¡ ³Ê¹« Á¢´ëµÈ À¥»çÀÌÆ®¿¡ À¯È¿ÇÑ Àΰ£ ¹æ¹®ÀÚ¿¡ Á¦ÇÑÀÌ ±×°ÍÀÇ °æ°è¸¦ ¸íÁßÇÏ°í È°¹ßÈ÷ »õ·Î¿î ¿¬°áÀ» ºÎÁ¤ÇÏ´Â °æ¿ì¿¡ Àû¿ëÇÒ °ÍÀÌ´Ù.
ÇàÁ¤°üÀº ÃÊ´ç ¼¹ö¿¡ TCP ¿¬°áÀÇ ¼ö¿¡ ÃÖ´ë Çѵµ¸¦ ¼ö¶ô°¡´ÉÇÑ ¼³Á¤Çϱâ À§ÇÏ¿© iptables¸¦ ÀÌ¿ëÇÒ ¼ö ÀÖ´Ù. ÇÑ°è, ·Î±×ÀÎÀ» ´ëüÇÏ´Â µÚ¿¡ ¿À´Â ¸í·ÉÀ» ¹þ±â°í ¹ßÇàÇϱâ À§ÇÏ¿© »Ñ¸®·Î Çü¼ºÇϱâ À§ÇÏ¿© <n> ÃÊ´ç ¿¬°áÀÇ ¼ö·Î ´ç½ÅÀº, ³õ°í ½Í´Ù <m> ÇѰ踦 Àû¿ëÇÏ´Â ½ÃÀÛÇÏ´Â u°¡ ¼¹ö¸¦ ¿øÇÏ´Â ¹ö½ºÆ® À²·Î, ºÎ·ù ¾ø´Â µÑ ´Ù.
iptables - nat t -´Â N µ¿±â À¯ÈÞ ¹®ÀÚ ¹ü¶÷ÇÑ´Ù
- m ÇÑ°è - ÇѰ踦 µ¿±â À¯ÈÞ ¹®ÀÚ ¹ü¶÷ÇÑ´Ù iptables - nat t -´Â <n>/s - ÇÑ°è ÆÄ¿ÇϽʽÿÀ <m> - j ¹Ýȯ
iptables - nat t -´Â - j Ç϶ôÀ» µ¿±â À¯ÈÞ ¹®ÀÚ ¹ü¶÷ÇÑ´Ù
iptables - nat t - PREROUTING - i $EXT_IFACE - d $DEST_IP - p tcp - µ¿±â À¯ÈÞ ¹®ÀÚ - j´Â µ¿±â À¯ÈÞ ¹®ÀÚ ¹ü¶÷ÇÑ´Ù
»ó±âÀÇ ¸í·ÉÀº À¥ ¼¹ö¿¡ ¿¬°áÇÒ ¼ö ÀÖ´Â TCP ¿¬°áÀÇ ÃÖ´ë ¼ýÀÚ¸¦ Á¦ÇÑÇÒ °ÍÀÌ´Ù n ÃÊ´ç ¿¬°á, ÈÄ¿¡ m ¿¬°áÀº ¼³Ä¡µÇ¾ú´Ù. ´ç½ÅÀÌ ³õÀ» ¼ö ÀÖ´Â ¿¬°áÀÇ ¼ö¿¡ Á¶Á¤ ¼ýÀÚ°¡ ¾ø´Ù. If the server is powerful it¡¯s possible to increase the values to handle and accept more connection in order to reduce any drop connections. Try and set the best values for your server.
IMPORTANT: This is a machine translated page which is provided "as is" without warranty. Machine translation may be difficult to understand. Please refer to original English article whenever possible.
Share and contribute or get technical support and help at My Digital Life Forums.
Related Articles
- Windows XP SP2 TCP Connection Limit (Event ID 4226)
- TCP/IP Has Reached the Security Limit Imposed on the Number of Concurrent TCP Connect Attempts Error on Windows Vista
- Tweak (Increase or Change) Maximum Simultaneous HTTP and Downloads Connections to Web Server
- Optimize and Increase BitTorrent (BT) Download Speed in Vista
- How to Find and Check Number of Connections to a Server
- Windows Vista tcpip.sys Connection Limit Patch for Event ID 4226
- Prevent and Stop DoS or DDoS Attacks on Web Server (D)DOS-Deflate
- Increase Multithread Download Speed by Disable Vista Auto Tuning on TCP/IP
- VistaTcpPatch Windows Vista TCP Half Open Limit Auto Patcher GUI Version
- Easily Maintain Multiple Remote Desktop Connections with visionapp Remote Desktop (vRD)
Entries (RSS)
July 2nd, 2008 08:24
[...] limit en yüksek derece TCP bağlant©¥ -e doğru örümcek ağ©¥ -e hizmet limit en yüksek derece gelir TCP örümcek ağ©¥ bağlant©¥ -e doğru belgili tan©¥ml©¥k örümcek ağ©¥ -e hizmet etmek bkz. be yararl©¥ -e doğru önlemek ya da daha iyi [...]