Help with netstat "failed connection attempts"

I'm always trying to improve my servers performance. Today, reading an article about tcp tunning ( high load average), I typed "netstat -s" and found, among other things, this, 13 hours after rebooting:

Code: 
Tcp:
    2220 active connections openings
    ... 
    1053 failed connection attempts
    ...
TcpExt:
    4728 invalid SYN cookies received
    2724 resets received for embryonic SYN_RECV sockets
I don't understand TCP in depth, so I compared this with the stats on other server I have (not ev1), and it pointed that something it's going strange here... there are too much failed connections (%), isn't it?

Here's my sysctl.conf:

Code: 
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
kernel.sysrq = 0
net.core.rmem_max = 8388608
net.core.wmem_max = 8388608
net.core.rmem_default = 65536
net.core.wmem_default = 65536
net.ipv4.tcp_rmem = 4096 87380 8388608
net.ipv4.tcp_wmem = 4096 65536 8388608
net.ipv4.tcp_mem = 8388608 8388608 8388608
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_window_scaling = 0
net.ipv4.tcp_sack = 0
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 3
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.tcp_syncookies = 1
Machine is PIV Celeron 1,7, 1 Gb RAM, 2.4.20

Could this be related with the high load averages I get at peek times (1 mbs/s)? If so, suggestion to fix it?

Thanks in advance.

David

 

 

 

 

Top