[Info-vax] TCPIP tying up system
Phillip Helbig---undress to reply
helbig at astro.multiCLOTHESvax.de
Sat Nov 27 07:07:21 EST 2010
Recently, I've noticed a slowdown which is apparently due to TCPIP
processes. However, before I can gain information on them, they go away
(and others appear). Usually, it goes away after 5 minutes or so. I
notice it every couple of days, so it probably happens several times a
day.
Today, it tied things up so bad I had to do CTRL-P and reboot. I
couldn't access any active sessions and couldn't log in from elsewhere.
Here's a list of processes I collected from another node before the
reboot:
OpenVMS V7.3-2 on node GLADIA 27-NOV-2010 11:53:07.77 Uptime 252 05:30:56
Pid Process Name State Pri I/O CPU Page flts Pages
24060604 TCPIP$SMT_BG416 COM 11 152 0 00:00:18.90 3233 240 N
24060E06 TCPIP$SMT_BG452 COM 11 174 0 00:00:21.98 1003864 281 N
24061015 TCPIP$SMT_BG461 COM 11 104 0 00:00:20.67 1002070 187 N
24000117 TCPIP$INETACP HIB 8 3018984 0 00:26:04.95 45131 169
24000118 TCPIP$ROUTED COMO 15 -- swapped out -- 26 S
24000119 TCPIP$PORTM_1 LEFO 14 -- swapped out -- 21 N
2400011A TCPIP$BOOTP_1 LEFO 14 -- swapped out -- 21 N
2400011B TCPIP$FTP_1 LEFO 14 -- swapped out -- 24 N
24060142 TCPIP$SMT_BG570 COM 11 105 0 00:00:16.63 972127 150 N
24060A43 TCPIP$SMT_BG580 COM 11 101 0 00:00:16.86 969264 187 N
2405F844 TCPIP$SMT_BG631 COM 11 95 0 00:00:14.75 945505 116 N
2405FD46 TCPIP$SMT_BG646 COM 11 105 0 00:00:15.03 941674 185 N
24060E51 TCPIP$SS_BG1304 COMO 15 -- swapped out -- 7 N
24060F52 TCPIP$SS_BG1672 COMO 15 -- swapped out -- 7 N
24060C78 TCPIP$SM_BG9791 COM 11 174 0 00:00:26.67 49654 259 N
24060583 TCPIP$SM_BG9827 COM 11 147 0 00:00:27.42 36428 236 N
24060D86 TCPIP$SM_BG9873 COM 11 140 0 00:00:24.86 25645 220 N
MONITOR showed SWAPPER taking the largest CPU share, about 37%.
I suspect some sort of spam flood or DOS attack.
Any ideas what it is?
Any ideas how to prevent it without too large a sacrifice?
More information about the Info-vax
mailing list