Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

is gen_tcp:accept/1 safe?

Tags:

sockets

erlang

I am implementing a server which accepts many concurrent connections.

I used this structure:

loop(Sock) ->
  case gen_tcp:accept(Sock) of
      {ok, CSock} ->    
          fork_handling_process(CSock);
      {error, Reason} ->
          do_something_else();
  end,
  loop(Sock).

I am wondering if someone sends me a SYN, but never sends me an SYN ACK in response to my server ACK, will my server be blocked forever by that client since I call gen_tcp:accept without a timeout?

By the way I think this situation is hard to emulate, so please let me know if you have ways to try it out.

Thx in advance.

like image 988
Chi Zhang Avatar asked Oct 14 '22 19:10

Chi Zhang


1 Answers

When you listen/accept its a bit different as you describe:

Some client wants to connect: it sends a SYN, then your operating system sends a SYN/ACK (erlang not involvled), when you get the ACK gen_tcp:accept will return.

When someone sends you SYN's and nothing else (that would be a SYN flood attack if done in a great amount) then operating system resources will be reserved but nothing happens in your erlang code because a three way handshake is not complete yet.

Many operating systems are taking special care of SYN flooding attacks avoiding too much resource consumption.

like image 180
Peer Stritzinger Avatar answered Oct 18 '22 02:10

Peer Stritzinger