ipv4

I would like to know the possible values of st column in /proc/net/tcp . I think the st column equates to STATE column from netstat(8) or ss(8) . I have managed to identify three codes: sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 0: 0100007F:08A0 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 7321 1 ffff81002f449980 3000 0 0 2 -1 1: 00000000:006F 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 6656 1 ffff81003a30c080 3000 0 0 2 -1 2: 00000000:0272 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 6733 1

LVS+DR模式+keepalived 上一篇博客我们说了三种模式，NAT,TUN,DR这次是DR+Keepalived 先了解什么是Keepalived keepalived采用VRRP热备份协议实现Linux服务器的多机热备功能 VRRP,虚拟路由冗杂协议，是针对路由器的一种备份解决方案 keepalived可以实现多机热备，每个热备组可有多台服务器，最常用的就是双机热备 双击热备的故障切换是由虚拟IP地址的飘逸来实现，适用于各种应用服务器 LVS-DR的ARP问题 在LVS-DR的负载均衡群集中，负载均衡器与节点服务器都要配置相同的VIP地址 在局域网中具有相同的IP地址，势必会造成服务器APR通信的紊乱 当一个ARP广播发送到LVS-DR集群时，因为负载均衡器和节点服务器都是连接到相同的网络上，它们都会接收到ARP广播 此时只有前端的负载均衡器进行响应。其他节点服务器不应该响应ARP广播 LVS-DR的ARP问题解决方案 对节点服务器进行处理，使其不响应针对VIP的ARP请求 使用虚接口lo:0承载VIP地址 设置内核参数arp_ignore=1:系统只响应目的IP为本地IP的ARP请求 下面我们来做实验 实验规划 我们需要五台虚拟机 DR1 主服务器 192.168.100.201 DR4 备份服务器 192.168.100.202 web 5 192.168.100

一、上节回顾 上一节，我带你学习了 tcpdump 和 Wireshark 的使用方法，并通过几个案例，带你用这两个工具实际分析了网络的收发过程。碰到网络性能问题，不要忘记可以用 tcpdump 和 Wireshark 这两个大杀器，抓取实际传输的网络包，排查潜在的性能问题。 今天，我们一起来看另外一个问题，怎么缓解 DDoS（Distributed Denial of Service）带来的性能下降问题。 二、DDoS 简介 1、DDoS 简介 DDoS 的前身是 DoS（Denail of Service），即拒绝服务攻击，指利用大量的合理请求，来占用过多的目标资源，从而使目标服务无法响应正常请求。 DDoS（Distributed Denial of Service） 则是在 DoS 的基础上，采用了分布式架构，利用多台主机同时攻击目标主机。这样，即使目标服务部署了网络防御设备，面对大量网络 请求时，还是无力应对。 比如，目前已知的最大流量攻击，正是去年 Github 遭受的 DDoS 攻击，其峰值流量已经达到了 1.35Tbps，PPS 更是超过了 1.2 亿（126.9 million）。 2、从攻击的原理上来看，DDoS 可以分为下面几种类型。 第一种，耗尽带宽。无论是服务器还是路由器、交换机等网络设备，带宽都有固定的上限。带宽耗尽后，就会发生网络拥堵

import sys import re def is_ipv4(ip): p = re.compile( '^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)$') if p.match(ip): return True else: return False def is_ipv6(ip): p = re.compile('^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:)|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}(:[0-9A-Fa-f]{1,4}){1,2})|(([0-9A-Fa-f]{1,4}:){4}(:[0-9A-Fa-f]{1,4}){1,3})|(([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){1,4})|(([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){1,5})|([0-9A-Fa-f]{1,4}:(:[0-9A-Fa-f]{1,4}){1,6})|(:(:[0-9A-Fa-f]{1,4}){1,7})|(([0-9A-Fa-f]

How should I choose an IPv4 multicast address for my application's use? I may need more than one (a whole range perhaps ultimately) but just want to avoid conflicts with other applications. Packets will be entirely contained within an administrative domain, probably a LAN If several independent instances of my application are in use on the same network, they could each use their own multicast address - but if they don't, they will be able to coexist anyway, they'll just have a small amount of overhead ignoring each others' packets. My packets already contain a "magic number" to avoid problems

I ported an application to support IPv6, using popular tutorials. I decided to use only one socket listener for both protocols. Now I realized I have to set IPV6_V6ONLY properly (it's only working on my x86 linux out of the box, but not on my ARM). Is this really the way to go? Some say IPV6_V6ONLY shouldn't be used (apparently it's outdated, because of IPv4 mapping over the wire), some say using one socket for both protocols is fine. So, I'm confused. What is the current state about this problem? Did I misunderstand the problem? You should always bind both sockets explicitly, with the IPv6

涉及内容： 1.DNS 2.网络yum源 3.epel源 4.同步时间 5.安装vim 6.设置最大打开文件描述符数 7.禁用selinux 8.关闭防火墙 9.优化ssh连接速度 10.内核参数优化 11.设置vim退格键删除最后一个字符类型 12.更新内核 脚本如下： #!/bin/bash #author yundd by #this script is only for CentOS 7.x #check the OS platform=`uname -i` if [ $platform != "x86_64" ];then echo "this script is only for 64bit Operating System !" exit 1 fi echo "the platform is ok" cat << EOF your system is CentOS 7 x86_64 EOF #添加公网DNS地址 cat >> /etc/resolv.conf << EOF nameserver 114.114.114.114 EOF #Yum源更换为国内阿里源 yum install wget telnet -y mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup

I am experimenting with IPv6 sockets, particularly the "dual stack" capability offered on Windows Vista and later, and apparently on Unix by default. I am finding that when I bind my server to a specific IP address, or to the hostname resolution of my local machine, I cannot accept a connection from an IPv4 client. When I bind to INADDR_ANY however, I can. Please consider the following code for my server. You can see that I follow Microsoft's advice of creating an IPv6 socket, then setting the IPV6_V6ONLY flag to zero: addrinfo* result, *pCurrent, hints; memset(&hints, 0, sizeof hints); //

I'm trying to port a MacOSX app to windows and I've come up against a problem around getifaddrs. Basically windows does not support it. I'm trying to figure a way to re-implement it (for AF_INET and AF_INET6) but the "equivalent" functionality on windows appears to be nothing like the MacOSX support. Has someone done this sort of conversion before? If so is there a nice way I can get windows to report me interface info like MacOSX does? The closest functions on Windows are GetAdaptersInfo and GetAdaptersAddresses . The MSDN documentation is pretty comprehensive, so you should find everything